General
Target: 4f7b076d9a9e95683032de206c3a63942af8cc2a3189f2b51007985612f8ebbb
Size: 388KB
Sample: 220626-w6vfzsdhe4
MD5: bdc8c195022efdfb153607c8c49ec479
SHA1: ae83f087fadb5288d28dbe101f0b6bfe0903e57d
SHA256: 4f7b076d9a9e95683032de206c3a63942af8cc2a3189f2b51007985612f8ebbb
SHA512: 577d071d844705cc7893404b2a4001f96d2335fa11b64b0171865ecbffe14ce19663ab6bd548efce794fb2eb3b50f025edc3e32e27141043cac24367c1ed8f75
Static task: static1

Malware Config
Extracted: redline
RUZKI
C2: 193.106.191.246:23196
auth_value: 121027c094f768a0a0e9b562f6417952
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.