General
-
Target
5e0334033439da4b0e2bc643bf48f37d7ba62d7b970a6e3b0354b9170efac965
-
Size
323KB
-
Sample
220805-phy1yaaceq
-
MD5
2b6895156eabc02c49774062ded86583
-
SHA1
a271eec79cf291d540a549e32df7aab17028ac14
-
SHA256
5e0334033439da4b0e2bc643bf48f37d7ba62d7b970a6e3b0354b9170efac965
-
SHA512
b6b0f7d56780e027b16d1510f4ada5466846c4f7ddcb41c44884bee278c5c2014277207890a7653a58b464f13d6159b9eadaf660defa830387d4f103f762d4df
Static task
static1
Malware Config
Extracted
redline
AF2
stcontact.top:80
-
auth_value
4d729a2faecb406a0eb1d6fcf30432fa
Targets
-
-
Target
5e0334033439da4b0e2bc643bf48f37d7ba62d7b970a6e3b0354b9170efac965
-
Size
323KB
-
MD5
2b6895156eabc02c49774062ded86583
-
SHA1
a271eec79cf291d540a549e32df7aab17028ac14
-
SHA256
5e0334033439da4b0e2bc643bf48f37d7ba62d7b970a6e3b0354b9170efac965
-
SHA512
b6b0f7d56780e027b16d1510f4ada5466846c4f7ddcb41c44884bee278c5c2014277207890a7653a58b464f13d6159b9eadaf660defa830387d4f103f762d4df
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-