General
Target: 860e1c103162a30d210ce682981e4d2eb806b810c41f0e85808422386ca6a97e
Size: 2.1MB
Sample: 220808-kagz8sabf9
MD5: 39d47435b5d90357e611becb3b49ecb0
SHA1: ae0d82628088bc9a84a0dc646a8678561945650f
SHA256: 860e1c103162a30d210ce682981e4d2eb806b810c41f0e85808422386ca6a97e
SHA512: 15e7a19d665f914027f9ed2d51fa7d313dead23361a83be7773e806ead001af1893e7a14376f3e3633e1ba56d181f7eec3872a26094dc561831a798115ff0b6f

Static task: static1
Behavioral task: behavioral1
Sample: 860e1c103162a30d210ce682981e4d2eb806b810c41f0e85808422386ca6a97e.exe
Resource: win7-20220718-en

Malware Config
Extracted
redline
game
91.208.236.180:9518
auth_value: 4fdb04fc5f89357999e8b05422954062
Targets
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.