General
Target: 1dd320aff87679f64a455ee7f7ff74a94e8d3d9da079abaaa5dc931a44bbed44
Size: 333KB
Sample: 220707-ekvq7acgaq
MD5: d4c309055638a93ff96bd22a6ff908d2
SHA1: eb596771a007b4ce4b7705843dbde58fe05a6dc2
SHA256: 1dd320aff87679f64a455ee7f7ff74a94e8d3d9da079abaaa5dc931a44bbed44
SHA512: 2a95ef22bc3927fcae11970892342b522845a8242f62eb1056b02784d111f0153a8b215cedf3b8e1a2bda20d949cfa110e7a29a2ca566fd338ece945c6cbb3d7
Static task: static1
Behavioral task: behavioral1
Sample: 1dd320aff87679f64a455ee7f7ff74a94e8d3d9da079abaaa5dc931a44bbed44.exe
Resource: win10-20220414-en
Malware Config
Extracted: redline
levelcupsecurity.eu:80
auth_value: 7c1b2032b7b3b6267ca05854dc6f71f1
Targets
Target: 1dd320aff87679f64a455ee7f7ff74a94e8d3d9da079abaaa5dc931a44bbed44
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.