General
Target: a862aeeae0341e89761b438b0bbaa46df07ac828b20925d8c69b94aca2e0fc78
Size: 388KB
Sample: 220626-27q3vaeccj
MD5: b45f3251dbae6a956ecb87717c883399
SHA1: 7f1a3eb5f1e26cbd4dd084fd45624d51eaf73917
SHA256: a862aeeae0341e89761b438b0bbaa46df07ac828b20925d8c69b94aca2e0fc78
SHA512: 891f245f3099e53ef278d7b30cc6470df16e705e06e436fa167c5ff8a4367d0cc4ae4d21db676451519dfe9685bb88e857d1c038ca352b42be3607ab0fba7a2c
Static task
static1
Malware Config
Extracted
redline
RUZKI
193.106.191.246:23196
auth_value: 121027c094f768a0a0e9b562f6417952
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.