General

Target: 94d505ded067e27099b877571a04ef3178264abf78d6ada7c16d3e1cc4d275b9
Size: 413KB
Sample: 220806-krss3acggq
MD5: 436533dac4c5ade1dfc6b44c7101fece
SHA1: 9e57ba6c41fbbccc19a85122f846d03d61f414bd
SHA256: 94d505ded067e27099b877571a04ef3178264abf78d6ada7c16d3e1cc4d275b9
SHA512: 4b20731f2e02f6c8e89720820088375bd99cccbeec4061debff37027fb6e0006d24e97736c77bb6ae14eaa3e90450d8e04d626eae844bdc688d31160750314a5

Static task: static1

Malware Config (extracted)

Family: redline
Botnet: AF2
C2: stcontact.top:80
auth_value: 4d729a2faecb406a0eb1d6fcf30432fa

Targets

Target: 94d505ded067e27099b877571a04ef3178264abf78d6ada7c16d3e1cc4d275b9 (413KB; hashes as listed under General)

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.