General

Target: c8901b07aa5700153471c8934a3688f39d48b8eb55c02f6154003d4fb4856a37
Size: 417KB
Sample: 220806-f7aj7sdef5
MD5: ed039bc25469563a49c9de70050633fc
SHA1: 31ed1c67759e7dffe9f680cbed9b776b76ab3054
SHA256: c8901b07aa5700153471c8934a3688f39d48b8eb55c02f6154003d4fb4856a37
SHA512: b1d5fa1d5220700c6ed81b29b0a49fc9055547ce24ad2edbaf6cbca933a65b3221c8181661599468ed3fff84df2e5047b88ef69390c5a2a01413cd112bdf0eae
Static task: static1
Malware Config

Extracted
Family: redline
Botnet: AF2
C2: stcontact.top:80
auth_value: 4d729a2faecb406a0eb1d6fcf30432fa
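The hashes listed under General and the extracted configuration above are only useful once they are wired into checks. The Python below is an example added to this page; it is not code from the sandbox report, from Triage, or from RedLine itself. It does two things: it confirms a file's four digests against the listed values (after first validating that every listed hash is well-formed hex of the right length, because a mistyped IOC silently never matches anything), and it flags proxy or DNS log lines that name the extracted C2 host, matching the host as a whole name so that look-alikes such as firstcontact.top do not fire. The log lines and the sample bytes are constructed for the example, and reading AF2 as the botnet tag is an assumption, since the page shows that value without a field name.

```python
"""Checks built from this report's IOCs: the file hashes listed under General
and the RedLine config extracted by the sandbox. Added example for this page,
not code from Triage or from the RedLine malware itself."""
import hashlib
import re

# Hashes exactly as listed under General in the report.
REPORT_HASHES = {
    "md5": "ed039bc25469563a49c9de70050633fc",
    "sha1": "31ed1c67759e7dffe9f680cbed9b776b76ab3054",
    "sha256": "c8901b07aa5700153471c8934a3688f39d48b8eb55c02f6154003d4fb4856a37",
    "sha512": "b1d5fa1d5220700c6ed81b29b0a49fc9055547ce24ad2edbaf6cbca933a65b3221c8181661599468ed3fff84df2e5047b88ef69390c5a2a01413cd112bdf0eae",
}
EXPECTED_HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}

# Extracted config as the report lists it. Reading "AF2" as the botnet tag is
# an assumption: the page shows the value without a field name.
REDLINE_CONFIG = {
    "family": "redline",
    "botnet": "AF2",
    "c2": "stcontact.top:80",
    "auth_value": "4d729a2faecb406a0eb1d6fcf30432fa",
}


def parse_c2(c2):
    """Split the report's host:port string; host is lower-cased for matching."""
    host, sep, port = c2.rpartition(":")
    if not sep:
        raise ValueError("expected host:port, got %r" % c2)
    return host.lower(), int(port)


def validate_iocs():
    """A mistyped IOC never matches anything; catch that before deploying."""
    hexre = re.compile(r"^[0-9a-f]+$")
    hashes_ok = all(
        hexre.match(v) and len(v) == EXPECTED_HEX_LEN[k]
        for k, v in REPORT_HASHES.items()
    )
    host, port = parse_c2(REDLINE_CONFIG["c2"])
    return bool(hashes_ok and host and 0 < port < 65536)


def hash_file_bytes(data):
    """All four digests the report lists, computed over the given bytes."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORT_HASHES}


def matches_report(data):
    """Per-algorithm comparison; all four must agree before calling it this sample."""
    got = hash_file_bytes(data)
    return {alg: got[alg] == REPORT_HASHES[alg] for alg in REPORT_HASHES}


def c2_host_pattern(host):
    """Match the C2 host (and its subdomains) as a whole name: no hit on
    look-alikes such as firstcontact.top or stcontact.top.other.example."""
    return re.compile(
        r"(?<![\w-])" + re.escape(host) + r"(?![\w-]|\.[\w-])", re.IGNORECASE
    )


def find_c2_hits(lines, c2):
    """Return (1-based line number, line) for every log line naming the C2 host."""
    host, _port = parse_c2(c2)
    pat = c2_host_pattern(host)
    return [(i, line) for i, line in enumerate(lines, 1) if pat.search(line)]


# Constructed log lines for illustration: DNS-style and proxy access-log style.
SAMPLE_LOGS = [
    "2022-08-06T10:11:59Z dns 10.0.0.15 query A stcontact.top.",
    '10.0.0.15 - - [06/Aug/2022:10:12:01 +0000] "POST http://stcontact.top/ HTTP/1.1" 200 512',
    '10.0.0.22 - - [06/Aug/2022:10:12:03 +0000] "GET http://www.example.com/ HTTP/1.1" 200 9120',
    '10.0.0.31 - - [06/Aug/2022:10:13:10 +0000] "GET http://firstcontact.top/ HTTP/1.1" 200 1200',
    "2022-08-06T10:14:00Z dns 10.0.0.15 query A stcontact.top.other.example.",
]

if __name__ == "__main__":
    assert validate_iocs()
    for n, line in find_c2_hits(SAMPLE_LOGS, REDLINE_CONFIG["c2"]):
        print("C2 hit on line %d: %s" % (n, line))
    # Hashing empty input is a quick self-check that the digest plumbing is right.
    print(hash_file_bytes(b"")["sha256"])
```

Run against the constructed logs, only the first two lines are reported: the trailing-dot FQDN in the DNS line and the plain HTTP POST to the C2. The firstcontact.top request and the name that merely begins with stcontact.top are left alone. Because the C2 is listed on port 80, traffic to it is plain HTTP, so a proxy that logs request lines will see the host directly; DNS logs are the fallback when clients bypass the proxy.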
Targets

Target: c8901b07aa5700153471c8934a3688f39d48b8eb55c02f6154003d4fb4856a37 (size and hashes as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system. These are the per-application subkeys under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (with WOW6432Node and HKCU counterparts), the same data Add/Remove Programs displays, so the read itself is indistinguishable from a legitimate inventory; the signal is that this binary performs it before contacting the C2 listed above.