General
-
Target
1546df358ae085913f88b383df880a0172004b0a98f34fe33c7181fdd3b2edd6
-
Size
430KB
-
Sample
220706-1chmjshcfq
-
MD5
5d94a46ace90c00cae9cd7d336a6fc7a
-
SHA1
4530e932ae651daa76177bcafbe59d714bbe8c58
-
SHA256
1546df358ae085913f88b383df880a0172004b0a98f34fe33c7181fdd3b2edd6
-
SHA512
327c94f9058cd30151c6a1f60309b5c44d7695413e05020571aca061bcb50ce120e661a56d6ca930ae3d7d805855a3e933d3716b5f12f97286ba50b5c7470379
Static task
static1
Behavioral task
behavioral1
Sample
1546df358ae085913f88b383df880a0172004b0a98f34fe33c7181fdd3b2edd6.exe
Resource
win10-20220414-en
Malware Config
Extracted
redline
levelcupsecurity.eu:80
-
auth_value
7c1b2032b7b3b6267ca05854dc6f71f1
Targets
Target
1546df358ae085913f88b383df880a0172004b0a98f34fe33c7181fdd3b2edd6
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-