General
-
Target
e628857218db041ba101824f54fa64e4948a80bb4f542.exe
-
Size
430KB
-
Sample
220707-hzxqwahbb7
-
MD5
960f1044b8853d1f06a0d7bf75d249e3
-
SHA1
90abcb56e8ddcabcff8bf7b0571d50af9eec8331
-
SHA256
e628857218db041ba101824f54fa64e4948a80bb4f542fc0aa5911067ada6c5c
-
SHA512
4adc546a1e4996129c7bca1412312dfdfb1212e074e5d3eb851f07717436ab2e67e13185c74c58b352987722986d678487aa4234a348083668c924c226d45156
Static task
static1
Behavioral task
behavioral1
Sample
e628857218db041ba101824f54fa64e4948a80bb4f542.exe
Resource
win7-20220414-en
Malware Config
Extracted
redline
levelcupsecurity.eu:80
-
auth_value
7c1b2032b7b3b6267ca05854dc6f71f1
Targets
-
-
Target
e628857218db041ba101824f54fa64e4948a80bb4f542.exe
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-