General
-
Target
cbe17c61a228c74d2df1e36ad7232ac8
-
Size
399KB
-
Sample
220702-bjx85scbdn
-
MD5
cbe17c61a228c74d2df1e36ad7232ac8
-
SHA1
bec62bcd1cacd592b3197e2ac9265a6943106e08
-
SHA256
653d5351b00090f3574a9e6406cf17b0646887f17c404e3665ec645d1c3e9e68
-
SHA512
e074bcf37ad58f41cf114884b6e08edc0e07fb37fd62009aae2194bc9d8477af373b81bfe6459a293931da61a8446ba3c0f1904cfcce1cc3e6dae89004e7dd92
Static task
static1
Behavioral task
behavioral1
Sample
cbe17c61a228c74d2df1e36ad7232ac8.exe
Resource
win7-20220414-en
Malware Config
Extracted
redline
2
193.124.22.7:35632
-
auth_value
59967defa326eeea5c873678294c84b0
Targets
-
-
Target
cbe17c61a228c74d2df1e36ad7232ac8
-
Size
399KB
-
MD5
cbe17c61a228c74d2df1e36ad7232ac8
-
SHA1
bec62bcd1cacd592b3197e2ac9265a6943106e08
-
SHA256
653d5351b00090f3574a9e6406cf17b0646887f17c404e3665ec645d1c3e9e68
-
SHA512
e074bcf37ad58f41cf114884b6e08edc0e07fb37fd62009aae2194bc9d8477af373b81bfe6459a293931da61a8446ba3c0f1904cfcce1cc3e6dae89004e7dd92
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-