General
Target: 451d351083f0de2a56ab67d69fb1e2aee9a5c83c751090fd92b1bd15243aaeb8
Size: 388KB
Sample: 220627-n9sskacgh2
MD5: 781093ceb2cab677cd97184d0593c9b8
SHA1: cdc7ea2f1a1ddf0c041545ed06df1424e858629a
SHA256: 451d351083f0de2a56ab67d69fb1e2aee9a5c83c751090fd92b1bd15243aaeb8
SHA512: c866fa4788b2f6fb05499d36f165a0e9f8edf23dcc5cb5959610dab83a3a5f568ea0608634bb0cfe99806cfa57d76d32655776b41e80071822b8c51eb55a663f
Static task: static1

Malware Config
Extracted family: redline
Botnet: RUZKI
C2: 193.106.191.246:23196
auth_value: 121027c094f768a0a0e9b562f6417952
Targets
Target: 451d351083f0de2a56ab67d69fb1e2aee9a5c83c751090fd92b1bd15243aaeb8 (same file as under General above; hashes and size identical)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.