General
Target: 4f29634990e43c53d2bdb4d36a28478fd63d5b029c38ca76c6cd6019a4f7648d
Size: 321KB
Sample: 220805-v8yqradbal
MD5: 2953b3aadd3041be3157ab5775ad5c8b
SHA1: 8b1c59e8cc06bf5e70ce9d9b617f03d5f249e522
SHA256: 4f29634990e43c53d2bdb4d36a28478fd63d5b029c38ca76c6cd6019a4f7648d
SHA512: 2ab6a5ff7858b577e2ad3c36733596ab0e182115f2c818534db6b64e0848c969ae11a3b7fbeed9900ecf37bb101232e08667c665b61745bb33104af675c8856e
Static task
static1

Malware Config
Extracted (static, from the sample's embedded configuration)
Family: redline
Botnet ID: AF2
C2: stcontact.top:80 (plain HTTP port; the stealer reports to this host, so the domain and the host:port pair are the network indicators to block and hunt for)
auth_value: 4d729a2faecb406a0eb1d6fcf30432fa (the per-build token the client presents to the C2)
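As an added example (not part of the sandbox report, and not RedLine's own code), the Python below embeds the indicators extracted above and shows how a responder would pivot on them offline: matching the C2 host and port and the file hashes against log lines, and verifying whether an artifact recovered from a host is this exact sample. The log lines, field names and timestamps are constructed for the example; only the hash values, the C2 host:port and the auth_value come from the report.

```python
"""Offline IOC matching for the RedLine sample in this report (added example)."""
import hashlib
import re

# Indicators copied from the report above.
IOC = {
    "md5": "2953b3aadd3041be3157ab5775ad5c8b",
    "sha1": "8b1c59e8cc06bf5e70ce9d9b617f03d5f249e522",
    "sha256": "4f29634990e43c53d2bdb4d36a28478fd63d5b029c38ca76c6cd6019a4f7648d",
    "c2_host": "stcontact.top",
    "c2_port": 80,
    "auth_value": "4d729a2faecb406a0eb1d6fcf30432fa",
}

# Constructed sample log lines (hypothetical; not from the report): a DNS
# resolver log, a proxy log and an EDR file-creation event with hashes.
SAMPLE_LOGS = [
    "2022-08-05T12:00:01Z dns client=10.0.0.15 query=stcontact.top type=A",
    "2022-08-05T12:00:02Z proxy src=10.0.0.15 dst=stcontact.top:80 method=POST uri=/",
    "2022-08-05T12:00:02Z proxy src=10.0.0.22 dst=example.com:443 method=GET uri=/",
    "2022-08-05T12:00:03Z edr host=WS01 sha256=4f29634990e43c53d2bdb4d36a28478fd63d5b029c38ca76c6cd6019a4f7648d action=created",
    "2022-08-05T12:00:04Z edr host=WS02 md5=d41d8cd98f00b204e9800998ecf8427e action=created",
]

# key=hexdigest fields (md5/sha1/sha256) and host[:port] fields in the
# hypothetical log format used above.
HASH_RE = re.compile(r"\b(md5|sha1|sha256)=([0-9a-f]{32,64})\b")
HOST_RE = re.compile(r"\b(?:query|dst)=([A-Za-z0-9.-]+)(?::(\d+))?\b")


def match_line(line):
    """Return the (indicator, value) hits found in one log line."""
    hits = []
    for kind, digest in HASH_RE.findall(line.lower()):
        if IOC.get(kind) == digest:
            hits.append((kind, digest))
    for host, port in HOST_RE.findall(line):
        # Compare case-insensitively and ignore a trailing dot (FQDN form).
        if host.lower().rstrip(".") == IOC["c2_host"]:
            hits.append(("c2_host", host))
            if port and int(port) == IOC["c2_port"]:
                hits.append(("c2_port", port))
    return hits


def scan(lines):
    """Return [(line, hits)] for every line that matched at least one IOC."""
    return [(line, hits) for line in lines if (hits := match_line(line))]


def hashes_of(data):
    """Compute the same four digests the report lists, for a recovered file."""
    return {
        name: hashlib.new(name, data).hexdigest()
        for name in ("md5", "sha1", "sha256", "sha512")
    }


def is_reported_sample(data):
    """True only if the bytes are the exact file analysed in this report."""
    return hashes_of(data)["sha256"] == IOC["sha256"]


if __name__ == "__main__":
    for line, hits in scan(SAMPLE_LOGS):
        print(hits, "<-", line)
```

Matching on the SHA256 alone is deliberate: MD5 and SHA1 are kept in the IOC set only because many log sources still emit them, and a collision-resistant digest decides the verdict for a recovered file. The domain match is done without the port as well, since a re-packed build of the same family commonly keeps the host and changes the port.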
Targets
Target: 4f29634990e43c53d2bdb4d36a28478fd63d5b029c38ca76c6cd6019a4f7648d (321KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its Wow6432Node and HKCU counterparts) to enumerate the software installed on the system; this is host profiling that precedes the credential and wallet theft noted above.