General

Target: 804892a9435ceb976369b96b9afd465c774f862d5ca98cb7fb602a673b775a4d
Size: 390KB
Sample: 220630-amy46sebhr
MD5: b64627b842b0b3cf005bed9a7b4f498e
SHA1: 4d41c8bd1084c478304926d5a0f431fb5fe05bd6
SHA256: 804892a9435ceb976369b96b9afd465c774f862d5ca98cb7fb602a673b775a4d
SHA512: 88d2c6bcb3f6b3acbe38ec2fd5dd84e41208d1999609ba669b0b96999a4c63fd63119284623b793aafb6bac212374e9c1d6416da2332153a625f47df0433b606
Static task: static1

Malware Config

Extracted
Family: redline
Botnet (build ID): q
C2: 193.124.22.7:35632
auth_value: 1d8557bb46341debdf6200491134caa0
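The hashes and the extracted C2 endpoint above are the indicators a responder would sweep an estate for. The following is an added example, not part of the sandbox output: the digests and the C2 host:port are copied from this report, the telemetry lines are constructed, and the key=value field names (dst, dport, sha256, ...) are assumptions rather than any product's real schema. A hit on the exact host:port is treated as strong; a hit on the bare IP is downgraded, because stealer C2s often sit on shared or rotated hosting.

```python
"""Match host telemetry against the indicators in this report.

Added example, not part of the sandbox output. The digests and the C2
endpoint are copied from the report; the telemetry lines are constructed
and their key=value field names (dst, dport, sha256, ...) are assumptions.
"""
import hashlib
import re

# Indicators copied from the report above.
REPORT_HASHES = {
    "md5": "b64627b842b0b3cf005bed9a7b4f498e",
    "sha1": "4d41c8bd1084c478304926d5a0f431fb5fe05bd6",
    "sha256": "804892a9435ceb976369b96b9afd465c774f862d5ca98cb7fb602a673b775a4d",
    "sha512": "88d2c6bcb3f6b3acbe38ec2fd5dd84e41208d1999609ba669b0b96999a4c63fd"
              "63119284623b793aafb6bac212374e9c1d6416da2332153a625f47df0433b606",
}
C2_HOST = "193.124.22.7"
C2_PORT = 35632

KV_RE = re.compile(r"(\w+)=(\S+)")


def hash_file_bytes(data: bytes) -> dict:
    """Compute the four digests the report lists, as lowercase hex."""
    return {algo: hashlib.new(algo, data).hexdigest()
            for algo in ("md5", "sha1", "sha256", "sha512")}


def matches_report(data: bytes) -> bool:
    """True only if every digest of `data` equals the report's value."""
    return hash_file_bytes(data) == REPORT_HASHES


def classify_line(line: str):
    """Return (severity, reason) for one telemetry line, or None."""
    fields = dict(KV_RE.findall(line))
    # File-hash indicators: exact, case-insensitive match on any listed digest.
    for algo in REPORT_HASHES:
        if fields.get(algo, "").lower() == REPORT_HASHES[algo]:
            return ("high", f"file {algo} matches the sandboxed sample")
    # Network indicator: host:port is the extracted C2; the bare IP is weaker
    # because stealer C2s sit on shared or rotated hosting.
    if fields.get("dst") == C2_HOST:
        if fields.get("dport") == str(C2_PORT):
            return ("high", "connection to extracted RedLine C2 host:port")
        return ("medium", "connection to C2 host on a different port")
    return None


def scan_logs(lines):
    """Return [(severity, reason, line)] for every line that hits an indicator."""
    findings = []
    for line in lines:
        hit = classify_line(line)
        if hit is not None:
            findings.append((hit[0], hit[1], line))
    return findings


# Constructed telemetry: one EDR file event and three firewall flow records.
SAMPLE_LOGS = [
    "2022-06-30T10:00:50Z edr file_create host=ws05 sha256=804892A9435CEB976369B96B9AFD465C774F862D5CA98CB7FB602A673B775A4D path=C:\\Users\\bob\\Downloads\\setup.exe",
    "2022-06-30T10:01:02Z fw allow src=10.0.0.5 dst=193.124.22.7 dport=35632 proto=tcp",
    "2022-06-30T10:01:05Z fw allow src=10.0.0.7 dst=193.124.22.7 dport=443 proto=tcp",
    "2022-06-30T10:02:00Z fw allow src=10.0.0.9 dst=8.8.8.8 dport=53 proto=udp",
]

if __name__ == "__main__":
    for severity, reason, line in scan_logs(SAMPLE_LOGS):
        print(f"[{severity}] {reason}: {line}")
```

File hashes identify this exact build only; RedLine samples are repacked frequently, so the config fields (C2 endpoint, botnet ID, auth_value) tend to outlive the hashes as pivots between samples of the same operator.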
Targets

Target: 804892a9435ceb976369b96b9afd465c774f862d5ca98cb7fb602a673b775a4d
Size: 390KB
MD5, SHA1, SHA256, SHA512: as listed under General above (same file)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020. The extracted config above is the per-build C2 configuration embedded in the sample: the C2 address and port, the botnet/build ID ("q") and the auth_value the client presents to the panel.

Signatures matched by this target:
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
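The "Checks installed software" signature corresponds to a walk of the Uninstall keys (HKLM and HKCU, including the WOW6432Node view), reading DisplayName/DisplayVersion from each subkey. Below is an added detection example over registry-access telemetry; it is not part of the sandbox report. The event lines are constructed, the field names (pid, image, key) and the allow-list of inventory processes are assumptions, and the threshold (five distinct Uninstall subkeys within 60 seconds) is a starting point to tune per estate.

```python
"""Flag processes that sweep the Uninstall registry keys (software inventory).

Added example, not part of the sandbox report. The event lines are
constructed to resemble generic registry-access telemetry; the field
names (pid, image, key), the allow-list and the threshold are assumptions.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

KV_RE = re.compile(r"(\w+)=(\S+)")
# Both 64-bit and WOW6432Node Uninstall views, under HKLM or HKCU; capture the subkey.
UNINSTALL_RE = re.compile(
    r"^HK(?:LM|CU)\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows"
    r"\\CurrentVersion\\Uninstall\\([^\\]+)",
    re.IGNORECASE,
)
# Processes expected to walk these keys routinely (assumption; tune per estate).
ALLOWLIST = {r"c:\windows\system32\msiexec.exe", r"c:\windows\explorer.exe"}
MIN_SUBKEYS = 5
WINDOW = timedelta(seconds=60)


def parse_event(line):
    """Return (ts, pid, image, uninstall_subkey) or None if not an Uninstall access."""
    fields = dict(KV_RE.findall(line))
    m = UNINSTALL_RE.match(fields.get("key", ""))
    if m is None:
        return None
    ts = datetime.strptime(line.split()[0], "%Y-%m-%dT%H:%M:%SZ")
    return ts, int(fields["pid"]), fields["image"], m.group(1).lower()


def find_inventory_sweeps(lines):
    """Return [(pid, image, distinct_subkeys)] for non-allow-listed processes
    that touch >= MIN_SUBKEYS distinct Uninstall subkeys inside WINDOW."""
    per_proc = defaultdict(list)  # (pid, image) -> [(ts, subkey)]
    for line in lines:
        ev = parse_event(line)
        if ev is not None:
            ts, pid, image, subkey = ev
            per_proc[(pid, image)].append((ts, subkey))
    hits = []
    for (pid, image), events in per_proc.items():
        if image.lower() in ALLOWLIST:
            continue
        events.sort()
        # Sliding window anchored on each event: distinct subkeys seen within WINDOW.
        for i, (start, _) in enumerate(events):
            keys = {k for t, k in events[i:] if t - start <= WINDOW}
            if len(keys) >= MIN_SUBKEYS:
                hits.append((pid, image, len(keys)))
                break
    return hits


# Constructed events: a dropper in %TEMP% sweeps six subkeys in three seconds,
# msiexec does the same but is allow-listed, explorer touches one key.
SETUP = r"C:\Users\bob\AppData\Local\Temp\setup.exe"
MSI = r"C:\Windows\System32\msiexec.exe"
U = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
U32 = r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"
UCU = r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
SAMPLE_EVENTS = [
    f"2022-06-30T10:03:01Z pid=4120 image={SETUP} key={U}\\7-Zip",
    f"2022-06-30T10:03:01Z pid=4120 image={SETUP} key={U}\\7-Zip\\DisplayName",
    f"2022-06-30T10:03:02Z pid=4120 image={SETUP} key={U}\\{{90160000-008C-0000-1000-0000000FF1CE}}",
    f"2022-06-30T10:03:02Z pid=4120 image={SETUP} key={U32}\\Discord",
    f"2022-06-30T10:03:03Z pid=4120 image={SETUP} key={U32}\\Steam",
    f"2022-06-30T10:03:03Z pid=4120 image={SETUP} key={UCU}\\Notepad++",
    f"2022-06-30T10:03:04Z pid=4120 image={SETUP} key={UCU}\\VLC",
    f"2022-06-30T10:05:00Z pid=880 image={MSI} key={U}\\7-Zip",
    f"2022-06-30T10:05:00Z pid=880 image={MSI} key={U}\\Discord",
    f"2022-06-30T10:05:01Z pid=880 image={MSI} key={U}\\Steam",
    f"2022-06-30T10:05:01Z pid=880 image={MSI} key={U}\\Notepad++",
    f"2022-06-30T10:05:02Z pid=880 image={MSI} key={U}\\VLC",
    f"2022-06-30T10:05:02Z pid=880 image={MSI} key={U}\\Zoom",
    r"2022-06-30T10:06:00Z pid=2200 image=C:\Windows\explorer.exe key=" + U + r"\VLC",
]

if __name__ == "__main__":
    for pid, image, n in find_inventory_sweeps(SAMPLE_EVENTS):
        print(f"pid {pid} ({image}) enumerated {n} Uninstall subkeys")
```

Note the telemetry caveat: Sysmon records key creation and value writes (Event IDs 12 to 14), not reads, so this detection needs either object-access auditing (a SACL on the Uninstall keys) or an EDR that logs registry query calls.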