General
Target: f42d3728263a075c1a06ae948d40f6a1fba6043db5b040000a892ac6813fbab3
Size: 430KB
Sample: 220706-s38bwsedcj
MD5: 4e932770b188d5024d2d5b341256faef
SHA1: d152267d202ef30f5697a75f3d33a3d4fd9eea34
SHA256: f42d3728263a075c1a06ae948d40f6a1fba6043db5b040000a892ac6813fbab3
SHA512: c153ef891374ed613bb61da930ebb282d8236373031633059347a0f61000bf73be62a9e4bf52c8b31ccc6b93d0221f8b34b4e1af35de6283bbc4a3111c1ef888

Static task
static1

Malware Config
Extracted
redline
ib1.4
levelcupsecurity.eu:80
auth_value: 363e918b58f663fdb3c6d525cf98d4b0

Targets
Target: f42d3728263a075c1a06ae948d40f6a1fba6043db5b040000a892ac6813fbab3
Size: 430KB
MD5: 4e932770b188d5024d2d5b341256faef
SHA1: d152267d202ef30f5697a75f3d33a3d4fd9eea34
SHA256: f42d3728263a075c1a06ae948d40f6a1fba6043db5b040000a892ac6813fbab3
SHA512: c153ef891374ed613bb61da930ebb282d8236373031633059347a0f61000bf73be62a9e4bf52c8b31ccc6b93d0221f8b34b4e1af35de6283bbc4a3111c1ef888

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.