General
Target: ddd7a2ce1924f75632a692b196773db651df23f3143c0.exe
Size: 442KB
Sample: 220804-bf3pfsacep
MD5: 662edb14e5765a32d4ce7a02c06b6ce2
SHA1: 6cfd86c669e05127cd1afff2b93b8310793c9d82
SHA256: ddd7a2ce1924f75632a692b196773db651df23f3143c0481310e6a5cdfdb3b6c
SHA512: 1e570a9c6c132d4a21afad3f678b8a4dfab9344c87cd3ecfc6caf64e281f41fbff108f597bde6714fa638cf6c9ef0d5655d10dede6a46bfd0eaee8f55e3ceccc
Static task: static1
Behavioral task: behavioral1
Sample: ddd7a2ce1924f75632a692b196773db651df23f3143c0.exe
Resource: win7-20220718-en
Malware Config
Extracted: redline
AF2
stcontact.top:80
auth_value: 4d729a2faecb406a0eb1d6fcf30432fa
Targets
Target: ddd7a2ce1924f75632a692b196773db651df23f3143c0.exe
Size: 442KB
MD5: 662edb14e5765a32d4ce7a02c06b6ce2
SHA1: 6cfd86c669e05127cd1afff2b93b8310793c9d82
SHA256: ddd7a2ce1924f75632a692b196773db651df23f3143c0481310e6a5cdfdb3b6c
SHA512: 1e570a9c6c132d4a21afad3f678b8a4dfab9344c87cd3ecfc6caf64e281f41fbff108f597bde6714fa638cf6c9ef0d5655d10dede6a46bfd0eaee8f55e3ceccc
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.