General
Target: 77d8296d6c5bda26c89877da36b17ff40267ba5009af03e567c0688a1622b95e
Size: 212KB
Sample: 220805-j5lfgahhcq
MD5: 07fff911d102363323de4d3420f5cd10
SHA1: 6874c3da85e4fd010699230cb9781d513530c97e
SHA256: 77d8296d6c5bda26c89877da36b17ff40267ba5009af03e567c0688a1622b95e
SHA512: 03f67842f673a0f7116b5c80c785656e3cae0500b6f6441ae0dc113a41258582d7325372ba00e8dc0881af5be3ccfa8046814407cc3310286cc7eae6861ec99e
Static task: static1

Malware Config
Extracted family: redline
Botnet: AF2
C2: stcontact.top:80
auth_value: 4d729a2faecb406a0eb1d6fcf30432fa
Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Downloads MZ/PE file

Executes dropped EXE

Deletes itself

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.