General
-
Target
317523649267143894dc16bb1eb584497fcecf5114ac16e847145686a804c7fe
-
Size
319KB
-
Sample
220805-xvc81agcg4
-
MD5
3465301e727019f253f5e50dbffc175b
-
SHA1
f11e6b891a5d65bd0c2e47212bdb25404960a7a3
-
SHA256
317523649267143894dc16bb1eb584497fcecf5114ac16e847145686a804c7fe
-
SHA512
45eaa960cd68c45dac3b8930b74047c7ba2697aa5c632e8a9464365447a4b1a4c8f18d371078c4114b5677d9ce856a7686bad7dba8583aadde2e422f8dae349c
Static task
static1
Malware Config
Extracted
redline
AF2
stcontact.top:80
-
auth_value
4d729a2faecb406a0eb1d6fcf30432fa
Targets
-
Target
317523649267143894dc16bb1eb584497fcecf5114ac16e847145686a804c7fe
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-