General
Target: dbf20dc429b1ae7162eae6fe859333e380c57f1681dac.exe
Size: 443KB
Sample: 220803-cjd1yadhe9
MD5: 99342a4b5ce806ef4ab2a6d89ba8e99e
SHA1: 99ae91c56960c1149ecdc56b92f0c236c369c1f7
SHA256: dbf20dc429b1ae7162eae6fe859333e380c57f1681dac1b31f401b209e0e93fd
SHA512: d84cadb85d8deb204fcadb8dde53b68c255c0926f5d979792b8a9335874848c2ca25148f53d0b7a7ce5fcfca5fea8e118ad0090a76884112dc448b55532517f8
Static task: static1
Behavioral task: behavioral1
Sample: dbf20dc429b1ae7162eae6fe859333e380c57f1681dac.exe
Resource: win7-20220718-en
Malware Config
Extracted
Family: redline
Botnet: AF2
C2: stcontact.top:80
auth_value: 4d729a2faecb406a0eb1d6fcf30432fa
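The indicators above (file hashes, the RedLine C2 host:port, botnet and auth_value) turned into a small IOC set and used for matching, as an added example that is not the sandbox's own code and not code from the malware. It parses the C2 entry, scans proxy log lines for connections to it, and checks file bytes against the reported hashes. The Squid-format log lines and the file bytes are constructed here for illustration; only the indicator strings come from the report.

```python
"""Match the indicators from the sandbox report above against proxy logs and file bytes.

Added example, not sandbox or malware code. Log lines and file bytes are constructed;
the hash, C2, botnet and auth_value strings are the ones the report lists.
"""
import hashlib
import re
from dataclasses import dataclass
from urllib.parse import urlsplit

# Indicators copied from the report.
REPORT_IOCS = {
    "md5": "99342a4b5ce806ef4ab2a6d89ba8e99e",
    "sha1": "99ae91c56960c1149ecdc56b92f0c236c369c1f7",
    "sha256": "dbf20dc429b1ae7162eae6fe859333e380c57f1681dac1b31f401b209e0e93fd",
    "c2": ["stcontact.top:80"],
    "botnet": "AF2",
    "auth_value": "4d729a2faecb406a0eb1d6fcf30432fa",
}

# host or host:port; hostnames and IPv4 only (IPv6 literals are not handled here).
C2_RE = re.compile(r"^(?P<host>[A-Za-z0-9.\-]+)(?::(?P<port>\d{1,5}))?$")


def parse_c2(entry: str, default_port: int = 80) -> tuple[str, int]:
    """Split a 'host:port' entry as it appears in the extracted config; port defaults to 80."""
    m = C2_RE.match(entry.strip())
    if not m:
        raise ValueError(f"malformed C2 entry: {entry!r}")
    port = int(m.group("port") or default_port)
    if not 0 < port < 65536:
        raise ValueError(f"port out of range in {entry!r}")
    return m.group("host").lower(), port


def url_host_port(method: str, url: str) -> tuple[str, int]:
    """Destination host and port of one proxy request (CONNECT carries host:port, not a URL)."""
    if method == "CONNECT":
        return parse_c2(url, default_port=443)
    parts = urlsplit(url)
    return (parts.hostname or "").lower(), parts.port or (443 if parts.scheme == "https" else 80)


@dataclass(frozen=True)
class Hit:
    line_no: int
    client: str
    method: str
    destination: str


def match_proxy_log(log_text: str, c2_entries, ignore_port: bool = False) -> list[Hit]:
    """Return every Squid native-format access log line whose destination is a listed C2."""
    targets = {parse_c2(e) for e in c2_entries}
    hosts = {host for host, _ in targets}
    hits = []
    for n, line in enumerate(log_text.splitlines(), 1):
        fields = line.split()
        if len(fields) < 7:
            continue  # not a Squid native-format line
        client, method, url = fields[2], fields[5], fields[6]
        host, port = url_host_port(method, url)
        if (host, port) in targets or (ignore_port and host in hosts):
            hits.append(Hit(n, client, method, f"{host}:{port}"))
    return hits


def hashes_of(data: bytes) -> dict[str, str]:
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256")}


def is_reported_sample(data: bytes) -> bool:
    """True if any digest of `data` equals the report's digest for the same algorithm."""
    return any(REPORT_IOCS[alg] == digest for alg, digest in hashes_of(data).items())


# Constructed Squid native-format lines: time, elapsed, client, code/status, bytes, method, URL, ...
SAMPLE_PROXY_LOG = """\
1659500000.101    245 10.0.0.12 TCP_MISS/200 1045 GET http://www.example.com/ - HIER_DIRECT/93.184.216.34 text/html
1659500003.417    118 10.0.0.12 TCP_MISS/200 512 POST http://stcontact.top:80/ - HIER_DIRECT/203.0.113.5 -
1659500005.900     87 10.0.0.31 TCP_TUNNEL/200 9821 CONNECT updates.example.org:443 - HIER_DIRECT/198.51.100.7 -
1659500009.220    130 10.0.0.12 TCP_MISS/200 688 POST http://STCONTACT.TOP/ - HIER_DIRECT/203.0.113.5 -
1659500011.004     40 10.0.0.44 TCP_DENIED/403 0 CONNECT stcontact.top:443 - HIER_NONE/- -
"""

if __name__ == "__main__":
    for h in match_proxy_log(SAMPLE_PROXY_LOG, REPORT_IOCS["c2"], ignore_port=True):
        print(f"line {h.line_no}: {h.client} {h.method} -> {h.destination}")
```

Exact host:port matching is what the extracted config supports; `ignore_port=True` widens it to the bare domain, which is usually the better default, since a denied CONNECT to the same host (line 5 of the constructed log) still points at an infected client. The botnet identifier and `auth_value` are carried in the IOC set so they can be compared with the configs of other RedLine reports, not for network matching.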
Targets
Target: dbf20dc429b1ae7162eae6fe859333e380c57f1681dac.exe
Size: 443KB
MD5: 99342a4b5ce806ef4ab2a6d89ba8e99e
SHA1: 99ae91c56960c1149ecdc56b92f0c236c369c1f7
SHA256: dbf20dc429b1ae7162eae6fe859333e380c57f1681dac1b31f401b209e0e93fd
SHA512: d84cadb85d8deb204fcadb8dde53b68c255c0926f5d979792b8a9335874848c2ca25148f53d0b7a7ce5fcfca5fea8e118ad0090a76884112dc448b55532517f8
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
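The registry walk the last signature describes, seen from the detection side, as an added example that is neither the sandbox's signature logic nor the malware's code. It counts the distinct product subkeys under the Uninstall key that each process touches in a Procmon-style CSV export and flags processes over a threshold unless they are allowlisted. The column layout is assumed to follow Procmon's "Save as CSV" output, and every row is constructed here.

```python
"""Flag processes that enumerate the registry Uninstall keys to inventory installed software.

Added example, not sandbox or malware code. Input is a Procmon-style CSV export (column
layout assumed); all rows below are constructed for illustration.
"""
import csv
import io
import re
from collections import defaultdict
from dataclasses import dataclass

# HKLM or HKCU, with or without WOW6432Node redirection, followed by one product subkey.
UNINSTALL_RE = re.compile(
    r"^HK(?:LM|CU)\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion"
    r"\\Uninstall\\(?P<subkey>[^\\]+)",
    re.IGNORECASE,
)


@dataclass(frozen=True)
class Finding:
    process: str
    pid: int
    subkeys_touched: int


def uninstall_enumeration(procmon_csv: str, min_subkeys: int = 5, allowlist=frozenset()) -> list[Finding]:
    """Processes that touched at least `min_subkeys` distinct Uninstall product subkeys."""
    touched: dict[tuple[str, int], set[str]] = defaultdict(set)
    for row in csv.DictReader(io.StringIO(procmon_csv)):
        if not row["Operation"].startswith("Reg"):
            continue
        m = UNINSTALL_RE.match(row["Path"])
        if not m:
            continue  # the Uninstall root itself, or an unrelated key
        touched[(row["Process Name"], int(row["PID"]))].add(m.group("subkey").lower())
    findings = [
        Finding(proc, pid, len(keys))
        for (proc, pid), keys in touched.items()
        if len(keys) >= min_subkeys and proc.lower() not in allowlist
    ]
    return sorted(findings, key=lambda f: (f.process, f.pid))


# Constructed Procmon-style rows (assumed column layout).
UNINSTALL = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
SAMPLE_EXE = "dbf20dc429b1ae7162eae6fe859333e380c57f1681dac.exe"
PROCMON_HEADER = '"Time of Day","Process Name","PID","Operation","Path","Result","Detail"'


def _row(proc: str, pid: int, op: str, path: str, detail: str = "") -> str:
    return f'"9:41:03.0000000 AM","{proc}","{pid}","{op}","{path}","SUCCESS","{detail}"'


def _walk(proc: str, pid: int, n: int) -> list[str]:
    """Rows for a process that opens the Uninstall key and reads DisplayName from n product subkeys."""
    rows = [_row(proc, pid, "RegOpenKey", UNINSTALL, "Desired Access: Read")]
    for i in range(n):
        sub = UNINSTALL + "\\{%08d-0000-0000-0000-000000000000}" % i
        rows.append(_row(proc, pid, "RegOpenKey", sub, "Desired Access: Query Value"))
        rows.append(_row(proc, pid, "RegQueryValue", sub + r"\DisplayName", "Type: REG_SZ"))
    return rows


SAMPLE_PROCMON_CSV = "\n".join(
    [PROCMON_HEADER]
    + _walk(SAMPLE_EXE, 2044, 6)      # the sample inventories every product
    + _walk("msiexec.exe", 1580, 6)   # an installer legitimately does the same
    + _walk("explorer.exe", 1204, 1)  # a one-off lookup, below threshold
    + [_row("explorer.exe", 1204, "RegQueryValue",
            r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden")]
)

if __name__ == "__main__":
    for f in uninstall_enumeration(SAMPLE_PROCMON_CSV, allowlist={"msiexec.exe"}):
        print(f"{f.process} (pid {f.pid}) read {f.subkeys_touched} Uninstall entries")
```

Installers and software-inventory agents perform exactly this walk, so the allowlist and `min_subkeys` need tuning per environment; the allowlisted `msiexec.exe` above is only an illustration. Note the data source: Sysmon records registry key creation, deletion, renames and value writes but not reads, so this detection needs Procmon, registry object-access auditing or an EDR that captures key opens and value queries.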