General
Target: 9648ccc9dbf898cb7d0c7dd1dd010f6c1ed5aad55140ef3a419d6ee127539806
Size: 431KB
Sample: 220706-wysmesaaa7
MD5: 7719954b623f59b1bafc58b048ea7c4b
SHA1: 259d6600250108b12c41f0a8f89e89a6b6afee2d
SHA256: 9648ccc9dbf898cb7d0c7dd1dd010f6c1ed5aad55140ef3a419d6ee127539806
SHA512: e5398ffdef578db363b159af0e7ad26e789d160a09a8ccdb54603e83039ad054a043f70d3099d87fbc8eb65fdf0a6e192ee169036ee0fb7d2a2e016c81e4e79a
Static task
static1

Malware Config
Extracted
redline
ib1.4
levelcupsecurity.eu:80
auth_value: 363e918b58f663fdb3c6d525cf98d4b0
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.