General
-
Target
b0ad131b9eefb94f0ef96e7c7a1b3a2f5ad274d2ed699652253eaa5e6fec88ea
-
Size
416KB
-
Sample
220806-c5y81acba2
-
MD5
ff451612548cfd7c3faba95922220963
-
SHA1
aea7f869b8ce58cdeda596c98632ac16bcabc5ea
-
SHA256
b0ad131b9eefb94f0ef96e7c7a1b3a2f5ad274d2ed699652253eaa5e6fec88ea
-
SHA512
9dde4f0311fd06cd37bc7ff516bd614d98dccd3b4adca6fd42acc494175016a993398c5eddde18d95139c027588f5ddf660a31df63b3288682ee105c9067f751
Static task
static1
Malware Config
Extracted
redline
AF2
stcontact.top:80
-
auth_value
4d729a2faecb406a0eb1d6fcf30432fa
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-