General
Target: 327df9ee5e64512b498d2ea577fa4cf89bdf1e74410b94c22b5f859bf9ad0129
Size: 388KB
Sample: 220626-rhn7vadbf2
MD5: a48892ca959b74c4eb8ff7bad785f882
SHA1: 7f173ee59e9408be747bb6463e2b6b09fc8176fc
SHA256: 327df9ee5e64512b498d2ea577fa4cf89bdf1e74410b94c22b5f859bf9ad0129
SHA512: 0ec6825f210fe302429b9a6246f520423473df288ef4e60ea00103c04ac237a0991c86d18c98820fc46061f884dd65c796c00922260cdc73fb8a5f39df5ac001
Static task
static1
Malware Config
Extracted: redline
Botnet: RUZKI
C2: 193.106.191.246:23196
auth_value: 121027c094f768a0a0e9b562f6417952
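The extracted configuration is the part of this report that is directly actionable: the C2 is a bare TCP endpoint on a non-standard port, so it will not appear in proxy or DNS logs and has to be hunted in flow data. The following is an added example, not part of the sandbox report or of RedLine itself: it copies the C2 host and port from the Malware Config above into constants and scans Zeek conn.log records for connections to them. The field names are Zeek's real conn.log columns; the log lines themselves are constructed for the example, including a near-miss host (193.106.191.24) to show why the match is done on parsed addresses rather than substrings.

```python
"""Hunt for the RedLine C2 from this report's Malware Config in Zeek conn.log
records. Added example; the sample conn.log below is constructed."""
import ipaddress
from dataclasses import dataclass

# IOCs copied from the Malware Config section of the report.
REDLINE_C2_HOST = "193.106.191.246"
REDLINE_C2_PORT = 23196
REDLINE_BOTNET = "RUZKI"
REDLINE_AUTH_VALUE = "121027c094f768a0a0e9b562f6417952"


@dataclass(frozen=True)
class ConnHit:
    ts: str
    src: str
    dst: str
    dport: int
    proto: str
    orig_bytes: int
    resp_bytes: int


def parse_conn_log(text):
    """Yield one dict per Zeek conn.log record, using the '#fields' header
    for column names. Zeek writes '-' for unset fields; they become None."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
            continue
        if not line or line.startswith("#"):
            continue
        if fields is None:
            raise ValueError("conn.log data before #fields header")
        values = [None if v == "-" else v for v in line.split("\t")]
        yield dict(zip(fields, values))


def find_c2_connections(text, host=REDLINE_C2_HOST, port=REDLINE_C2_PORT):
    """Return every TCP record whose responder is host:port.

    Comparing parsed addresses (not substrings) keeps 193.106.191.24 from
    matching 193.106.191.246."""
    target = ipaddress.ip_address(host)
    hits = []
    for rec in parse_conn_log(text):
        if rec.get("proto") != "tcp":
            continue
        if rec.get("id.resp_h") is None or rec.get("id.resp_p") is None:
            continue
        if ipaddress.ip_address(rec["id.resp_h"]) != target:
            continue
        if int(rec["id.resp_p"]) != port:
            continue
        hits.append(ConnHit(
            ts=rec["ts"],
            src=rec["id.orig_h"],
            dst=rec["id.resp_h"],
            dport=int(rec["id.resp_p"]),
            proto=rec["proto"],
            orig_bytes=int(rec["orig_bytes"] or 0),
            resp_bytes=int(rec["resp_bytes"] or 0),
        ))
    return hits


def affected_hosts(hits):
    """Internal hosts that reached the C2, for scoping the incident."""
    return sorted({h.src for h in hits})


# Constructed conn.log sample. Real Zeek output has more columns; the parser
# only relies on the names present in the #fields line.
SAMPLE_CONN_LOG = "\n".join([
    "#separator \\x09",
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tservice\tduration\torig_bytes\tresp_bytes\tconn_state",
    "1656230400.1\tCa1\t10.0.0.21\t51234\t193.106.191.246\t23196\ttcp\t-\t4.2\t18342\t1210\tSF",
    "1656230401.5\tCa2\t10.0.0.21\t51235\t93.184.216.34\t443\ttcp\tssl\t1.0\t1200\t5400\tSF",
    "1656230402.0\tCa3\t10.0.0.37\t49812\t193.106.191.24\t23196\ttcp\t-\t0.1\t60\t0\tS0",
    "1656230403.3\tCa4\t10.0.0.37\t49900\t193.106.191.246\t23196\ttcp\t-\t3.9\t15001\t980\tSF",
    "1656230404.8\tCa5\t10.0.0.44\t53211\t193.106.191.246\t23196\tudp\t-\t-\t-\t-\tS0",
])

if __name__ == "__main__":
    hits = find_c2_connections(SAMPLE_CONN_LOG)
    for hit in hits:
        print(f"{hit.ts} {hit.src} -> {hit.dst}:{hit.dport} sent {hit.orig_bytes} bytes, received {hit.resp_bytes}")
    print("affected hosts:", affected_hosts(hits))
```

On the matched records the originator sends far more than it receives, which is the shape a stealer's upload produces; the UDP record to the same host:port is deliberately left unmatched because RedLine's C2 channel is TCP.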
Targets
Target: 327df9ee5e64512b498d2ea577fa4cf89bdf1e74410b94c22b5f859bf9ad0129 (388KB; MD5, SHA1 and SHA512 as listed under General)
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart and the per-user copy under HKCU) to enumerate software on the system.
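The "Checks installed software" signature refers to the Uninstall key, where each installed product has a subkey carrying DisplayName, DisplayVersion and Publisher values. An analyst reconstructing what the stealer collected from a victim usually works from an offline hive or a `reg export` of that key rather than from the live machine. The following is an added example, not part of the report or of RedLine: a parser for the .reg export format (key headers in brackets, quoted REG_SZ values, dword: values, multi-line hex: values) that reduces the export to the software inventory the stealer would have reported. The export text is constructed for the example and assumes the file has already been decoded from the UTF-16LE that `reg export` writes.

```python
"""Recover the software inventory that the Uninstall key exposes, from a
'reg export' dump. Added example; the export below is constructed."""
import re

# Subkeys of the Uninstall key in HKLM (native or WOW6432Node) or HKCU.
UNINSTALL_KEY_RE = re.compile(
    r"^\[(?P<hive>HKEY_LOCAL_MACHINE|HKEY_CURRENT_USER)\\SOFTWARE\\"
    r"(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\(?P<sub>[^\]]+)\]$",
    re.IGNORECASE,
)
# "name"=data ; the name may contain \" and \\ escapes.
VALUE_RE = re.compile(r'^"(?P<name>(?:[^"\\]|\\.)*)"=(?P<data>.*)$')


def _unescape(s):
    """.reg strings escape backslash and double quote with a backslash."""
    return re.sub(r'\\(.)', r'\1', s)


def parse_reg_value(data):
    """Decode the right-hand side of a value line: REG_SZ ("...") and
    REG_DWORD (dword:xxxxxxxx). Other types (hex:..., possibly continued
    over lines ending in a backslash) are returned as None."""
    if len(data) >= 2 and data.startswith('"') and data.endswith('"'):
        return _unescape(data[1:-1])
    if data.lower().startswith("dword:"):
        return int(data[6:], 16)
    return None


def parse_uninstall_export(text):
    """Return one dict per Uninstall subkey: 'hive', 'key' (subkey name)
    and the decoded values found under it. Keys outside Uninstall are ignored."""
    entries = []
    current = None
    continuation = False
    for raw in text.splitlines():
        line = raw.strip()
        if continuation:                        # tail of a multi-line hex: value
            continuation = line.endswith("\\")
            continue
        if not line or line.startswith(";"):    # blank or comment
            continue
        if line.startswith("["):                # key header
            m = UNINSTALL_KEY_RE.match(line)
            current = None
            if m:
                current = {"hive": m.group("hive").upper(), "key": m.group("sub")}
                entries.append(current)
            continue
        if current is None:
            continue
        m = VALUE_RE.match(line)
        if not m:
            continue
        data = m.group("data")
        if data.lower().startswith("hex") and data.endswith("\\"):
            continuation = True
        current[_unescape(m.group("name"))] = parse_reg_value(data)
    return entries


def installed_software(text):
    """(DisplayName, DisplayVersion, Publisher) for every subkey that has a
    DisplayName; subkeys without one (OS updates, hidden components) are
    skipped, which is also how Programs and Features treats them."""
    rows = []
    for e in parse_uninstall_export(text):
        if e.get("DisplayName"):
            rows.append((e["DisplayName"], e.get("DisplayVersion"), e.get("Publisher")))
    return rows


# Constructed export, already decoded from UTF-16LE. Not taken from a real host.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip]
"DisplayName"="7-Zip 22.01 (x64)"
"DisplayVersion"="22.01"
"Publisher"="Igor Pavlov"
"NoModify"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}]
"DisplayName"="Adobe Acrobat Reader DC"
"DisplayVersion"="22.001.20117"
"Publisher"="Adobe Systems Incorporated"
"InstallLocation"="C:\\Program Files (x86)\\Adobe\\Acrobat Reader DC\\"
"EstimatedSize"=dword:0005f2a3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB5014699]
"ParentKeyName"="OperatingSystem"
"Icon"=hex(2):25,00,53,00,\
  79,00,73,00

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 102.0 (x86 en-US)]
"DisplayName"="Mozilla Firefox (x86 en-US)"
"DisplayVersion"="102.0"
"Publisher"="Mozilla"
'''

if __name__ == "__main__":
    for name, version, publisher in installed_software(SAMPLE_EXPORT):
        print(f"{name:40} {str(version):15} {publisher}")
```

The same walk on a live Windows host is a loop over the subkeys of the three Uninstall locations with the `winreg` module; the export-based version is shown here because it runs on the analyst's own machine against evidence collected from the victim.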