General
-
Target
abeb9e0696752ced4bdc080d9fb9619a.exe
-
Size
286KB
-
Sample
220806-r5ab7sabc9
-
MD5
abeb9e0696752ced4bdc080d9fb9619a
-
SHA1
12f40a6096d815287e3ff96398308cd31c393a11
-
SHA256
e2448138c3270c28dd55157cc0ebad761c87a3fdb73677b4e92ca6f83e6a8a82
-
SHA512
ed6aeedff95f76b9ff3b2c5e7110492abdb74c95d81f708849f6fd69aafd7228b7d8268d9913ea4badc67f720f63cd124f0b72ffa0f55bee419241b83a1bc389
Static task
static1
Behavioral task
behavioral1
Sample
abeb9e0696752ced4bdc080d9fb9619a.exe
Resource
win7-20220715-en
Malware Config
Extracted
redline
AF2
stcontact.top:80
-
auth_value
4d729a2faecb406a0eb1d6fcf30432fa
Targets
-
-
Target
abeb9e0696752ced4bdc080d9fb9619a.exe
-
Size
286KB
-
MD5
abeb9e0696752ced4bdc080d9fb9619a
-
SHA1
12f40a6096d815287e3ff96398308cd31c393a11
-
SHA256
e2448138c3270c28dd55157cc0ebad761c87a3fdb73677b4e92ca6f83e6a8a82
-
SHA512
ed6aeedff95f76b9ff3b2c5e7110492abdb74c95d81f708849f6fd69aafd7228b7d8268d9913ea4badc67f720f63cd124f0b72ffa0f55bee419241b83a1bc389
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-