General
Target: f7e018ad50b5a66244c4bcd9b2c572cd16f7724a393089120ccd519a7633682a
Size: 388KB
Sample: 220626-nb2mtacfh3
MD5: 2eb2c59d3395beed3e2eeeb67efe82b0
SHA1: 9776f489b8255932f8a354cbdf523d3b2d61f080
SHA256: f7e018ad50b5a66244c4bcd9b2c572cd16f7724a393089120ccd519a7633682a
SHA512: ed2e086b871c1d2633900b57a0752a16a481efd783479133b974f45a81c9d8799f87c8607900f11594618a3eaddb2b8c6e411eec6c409f15f110ad344ccba58a
Static task
static1
Malware Config
Extracted
redline
RUZKI
193.106.191.246:23196
-
auth_value
121027c094f768a0a0e9b562f6417952
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-