General

Target: dc2b4d7c2e73d14551490db3ec96567d32dd853dd01c1e7afbacca4c64a1f70b
Size: 389KB
Sample: 220626-h1w6qsabal
MD5: bdd558bc85d2702ac6e89c5692ec9125
SHA1: c6dadd27e443d8d149d1c387265832d6380ab6d0
SHA256: dc2b4d7c2e73d14551490db3ec96567d32dd853dd01c1e7afbacca4c64a1f70b
SHA512: db1fb5771b319d37da189fb961954b7bb20fa9a68993b32c4a9b796075e280eec6bd95177abf9a55b1c59b262fe77b53d0d15162594e31cf08869fc00686d689

Static task: static1

Malware Config

Extracted
Family: redline
Botnet: RUZKI
C2: 193.106.191.246:23196
auth_value: 121027c094f768a0a0e9b562f6417952
Targets

Target: dc2b4d7c2e73d14551490db3ec96567d32dd853dd01c1e7afbacca4c64a1f70b
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry (the HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall subtree, including its WOW6432Node mirror) to enumerate software on the system. On its own this behaviour is also common to installers and inventory agents; it is the combination with the extracted C2 and the stealer signatures above that makes it meaningful here.
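As an added example that is not part of this sandbox report, the script below turns the report's indicators (the extracted C2 host and port, the sample's SHA256) and the Uninstall-key behaviour into three checks and runs them over a small, constructed log. The "EventType key=value" line layout, the image paths and the log contents are assumptions made for the example, not output of the sandbox or of Sysmon; the point is how the weak registry signal is weighted against the strong C2 and hash matches.

```python
import re
from collections import defaultdict

# Indicators copied from this report: the extracted RedLine C2 and the sample hash.
REDLINE_C2_HOST = "193.106.191.246"
REDLINE_C2_PORT = 23196
SAMPLE_SHA256 = "dc2b4d7c2e73d14551490db3ec96567d32dd853dd01c1e7afbacca4c64a1f70b"

# The Uninstall subtree the "Checks installed software" signature refers to.
# Matches HKLM\SOFTWARE\..., the WOW6432Node mirror and per-user HKU copies,
# since all three end with the same suffix.
UNINSTALL_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.IGNORECASE)


def parse_event(line):
    """Parse one 'EventType key=value ...' line into a dict.

    The line layout is an assumption made for this example; it is not the
    sandbox's or Sysmon's real format. Values must not contain spaces.
    """
    event_type, _, rest = line.strip().partition(" ")
    fields = {"type": event_type}
    for token in rest.split():
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value
    return fields


def evaluate(lines):
    """Return {image_path: set(rule_names)} for every process seen in the log."""
    hits = defaultdict(set)
    for ev in (parse_event(l) for l in lines if l.strip()):
        image = ev.get("image", "<unknown>")
        kind = ev["type"]
        if kind == "ProcessCreate" and ev.get("sha256", "").lower() == SAMPLE_SHA256:
            hits[image].add("known_sample_hash")
        elif kind == "NetworkConnect" and ev.get("dst") == REDLINE_C2_HOST:
            # Exact host:port from the config is the strong indicator; the same
            # host on another port is worth a look but is not this config's C2.
            if int(ev.get("dport", "0")) == REDLINE_C2_PORT:
                hits[image].add("redline_c2")
            else:
                hits[image].add("c2_host_other_port")
        elif kind == "RegistryEvent" and UNINSTALL_KEY_RE.search(ev.get("target", "")):
            hits[image].add("uninstall_key_enum")
    return dict(hits)


def verdict(rules):
    """Uninstall-key enumeration on its own is routine (installers, inventory
    agents); it only adds weight next to a hash or C2 match."""
    if "redline_c2" in rules or "known_sample_hash" in rules:
        return "malicious"
    if "c2_host_other_port" in rules:
        return "suspicious"
    if "uninstall_key_enum" in rules:
        return "informational"
    return "clean"


def analyse(log_text):
    """Map every process in the log to a verdict."""
    return {image: verdict(rules)
            for image, rules in evaluate(log_text.splitlines()).items()}


# Constructed log for the example (not captured from the sandbox run).
SAMPLE_LOG = r"""
ProcessCreate image=C:\Users\victim\Downloads\setup.exe sha256=dc2b4d7c2e73d14551490db3ec96567d32dd853dd01c1e7afbacca4c64a1f70b
RegistryEvent image=C:\Users\victim\Downloads\setup.exe target=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
RegistryEvent image=C:\Users\victim\Downloads\setup.exe target=HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++
NetworkConnect image=C:\Users\victim\Downloads\setup.exe dst=193.106.191.246 dport=23196
RegistryEvent image=C:\ProgramData\Inventory\agent.exe target=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
NetworkConnect image=C:\Windows\System32\svchost.exe dst=193.106.191.246 dport=443
"""

if __name__ == "__main__":
    for image, result in analyse(SAMPLE_LOG).items():
        print(f"{result:14} {image}")
```

Run as-is, the constructed log yields "malicious" for setup.exe (hash, C2 and Uninstall enumeration all fire), "informational" for the inventory agent that only reads the Uninstall key, and "suspicious" for the process that reaches the C2 address on a port other than the one in the config. When adapting this to real telemetry, keep the host-only match as a separate, lower-severity rule: the same IP may host other panels or campaigns, and the config's port is what ties a connection to this sample.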