General
Target: c7a7f0476315a800e2ecad094126c4394d0f595a42d494fdaff4c2e64775f2bb
Size: 110KB
Sample: 220706-mmwp9sbgej
MD5: 690b7ae4b560ad7b0a2813baac3f56f1
SHA1: f6604e13bef092d643c2be314375cde09c56b8be
SHA256: c7a7f0476315a800e2ecad094126c4394d0f595a42d494fdaff4c2e64775f2bb
SHA512: 91dae6c377d8b0841d49a0bcf46134e579600b61f59dc4eb13623e958d6612a0cfbb063654f870da4c50b2ba941ce4886cc4d62054c42320ea197c91027c22d4
Malware Config
Extracted: redline (1)
38.17.53.140:30686
auth_value: 7d4c8895c781964b1dd3b37efbb922d8
Targets
Target: c7a7f0476315a800e2ecad094126c4394d0f595a42d494fdaff4c2e64775f2bb
Size: 110KB
MD5: 690b7ae4b560ad7b0a2813baac3f56f1
SHA1: f6604e13bef092d643c2be314375cde09c56b8be
SHA256: c7a7f0476315a800e2ecad094126c4394d0f595a42d494fdaff4c2e64775f2bb
SHA512: 91dae6c377d8b0841d49a0bcf46134e579600b61f59dc4eb13623e958d6612a0cfbb063654f870da4c50b2ba941ce4886cc4d62054c42320ea197c91027c22d4
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.