General
Target: 53ee23903b4e552a6b07f5b484e0c6a7c86aac5d0da336e7da5aecfa93df035a
Size: 389KB
Sample: 220626-fw5wzagebj
MD5: 5868e8ba441d8f0f0608e3abbfa0d832
SHA1: 2d24b84fad420a2809742555f8057c2a27bdc633
SHA256: 53ee23903b4e552a6b07f5b484e0c6a7c86aac5d0da336e7da5aecfa93df035a
SHA512: 02c439468f97f7dbb361b6196506f74ab815b17ea04628475807b92e354b4e4ca0a5236b731364edc1547ba4a00c3b3e56617f80f57ba10913dcd654347e4b09
Static task: static1
Malware Config
Extracted family: redline
Botnet: RUZKI
C2: 193.106.191.246:23196
auth_value: 121027c094f768a0a0e9b562f6417952
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.