General
Target: 334c858c9629a2126a81774aba358937.exe
Size: 442KB
Sample: 220805-s1w6vaedf7
MD5: 334c858c9629a2126a81774aba358937
SHA1: 3e5c980418a587a730f169749266493451e87deb
SHA256: 8d7178c1ffed8cd90cf98754fec35878cd6171be876868ab79df7bd540d59c4a
SHA512: ddcbf2f886a38d8bc9865f2d4c812acf38f63d164a32fe8f01b57e649f84281a704aed6e0fb97a6461a002e989cc19c09e80456662ee92aef0f11daaad5112e5
Static task: static1
Behavioral task: behavioral1
Sample: 334c858c9629a2126a81774aba358937.exe
Resource: win7-20220718-en
Malware Config
Extracted
redline
AF2
stcontact.top:80
auth_value: 4d729a2faecb406a0eb1d6fcf30432fa
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.