General
- Target: 09fb1d64b4b480fb48cfecb85a0f53bf8b1ec3b43d9e49939d8675c4d921cb08
- Size: 323KB
- Sample: 220805-ra6f6adeh3
- MD5: 6132dce93fecbbd54ddb3491f0553377
- SHA1: f90d2ae680de19775c9368a5b075f5c8d5d72c81
- SHA256: 09fb1d64b4b480fb48cfecb85a0f53bf8b1ec3b43d9e49939d8675c4d921cb08
- SHA512: 1f628f33cdc6713cdd6fd7732e61d75db924c8443587c45cd00f2695dddf67e8b87104c3609d47143bf8e126417b83a90d81bef2a7e2b9e6fe41b172eb2f024d
Static task: static1
Malware Config
Extracted: redline
- AF2
- stcontact.top:80
- auth_value: 4d729a2faecb406a0eb1d6fcf30432fa
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.