General
-
Target
24af932407b485435dd098914bd51b93.exe
-
Size
276KB
-
Sample
220806-2fr6tsbfcl
-
MD5
24af932407b485435dd098914bd51b93
-
SHA1
912dce842c73226496fa80001bdb45afa329ae46
-
SHA256
f4608d20bb25e8c81b546084fa1603dc310e853ff60d262350216648a42e4e02
-
SHA512
a5508ccda5f10499cb7d171c5bd99da5dec53c43db3ff8c31dcf8ae764cc404235823f1ad93da8effa4b565c3b3b81e2ae7c39ceb6f2b5a469468194395771a9
Static task
static1
Behavioral task
behavioral1
Sample
24af932407b485435dd098914bd51b93.exe
Resource
win7-20220715-en
Malware Config
Extracted
redline
AF2
stcontact.top:80
-
auth_value
4d729a2faecb406a0eb1d6fcf30432fa
Targets
-
-
Target
24af932407b485435dd098914bd51b93.exe
-
Size
276KB
-
MD5
24af932407b485435dd098914bd51b93
-
SHA1
912dce842c73226496fa80001bdb45afa329ae46
-
SHA256
f4608d20bb25e8c81b546084fa1603dc310e853ff60d262350216648a42e4e02
-
SHA512
a5508ccda5f10499cb7d171c5bd99da5dec53c43db3ff8c31dcf8ae764cc404235823f1ad93da8effa4b565c3b3b81e2ae7c39ceb6f2b5a469468194395771a9
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-