General
Target: 2df93b480bbd8a6b08485ec05ae7a7cf0378b530ccaa9772066301ce6862c393
Size: 444KB
Sample: 220809-3snvlsbgh4
MD5: f6f1b39b1b0a52ca0da8b6e834348c7c
SHA1: bac2434b5638536f6e41d4a40d529f2bd2d929c7
SHA256: 2df93b480bbd8a6b08485ec05ae7a7cf0378b530ccaa9772066301ce6862c393
SHA512: 8804c715a1ce7987a8134e83df54f68407d2abde40183182678b55675fdc000bce793363c11b859b0142a9fd3da2a3f5bcfc921988d9fd0400832a59a25d9fd1
Static task: static1
Malware Config
Extracted
Family: redline
Botnet: ruzki
C2: 193.106.191.165:39482
Attributes:
auth_value: 71a0558c0eea274a5bd617ea85786884
Targets
Target: 2df93b480bbd8a6b08485ec05ae7a7cf0378b530ccaa9772066301ce6862c393 (444KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency wallet files; possible credential harvesting.
Checks installed software on the system: looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its Wow6432Node equivalent) to enumerate software installed on the host.
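As an added example that is not part of this report and not code from the RedLine family or the sandbox, the following Python implements detection logic for the two observable behaviours recorded above: the Uninstall-key software enumeration and the outbound connection to the extracted C2 193.106.191.165:39482. It runs over constructed telemetry records; the process names, PIDs, timestamps, file paths, product subkeys and the non-C2 destination in the sample log are assumptions, as is the JSON record format. Sysmon does not log registry reads, so the registry records stand in for Windows object-access auditing (Security event 4663) or an EDR feed.

```python
"""Detection logic for the two behaviours the report attributes to this sample:
registry-based software enumeration (Uninstall keys) and the RedLine C2 beacon.
All telemetry below is constructed for illustration."""
import json
import re
from collections import defaultdict
from datetime import datetime, timedelta

# IOCs taken from the report's extracted config
C2_HOST = "193.106.191.165"
C2_PORT = 39482

# Matches HKLM\...\Uninstall\<subkey> and \REGISTRY\MACHINE\...\Uninstall\<subkey>,
# with or without Wow6432Node; group 1 is the per-product subkey.
UNINSTALL_RE = re.compile(r"\\CurrentVersion\\Uninstall\\([^\\]+)", re.IGNORECASE)

# Constructed sample telemetry (JSON lines; assumed record format). pid 4120 reads six
# product subkeys in two seconds and then beacons; msiexec touches a single key, as a
# normal installer does; svchost makes an unrelated outbound connection.
SAMPLE_LOG = r"""
{"ts":"2022-08-09T10:15:01.100","pid":4120,"image":"C:\\Users\\user\\AppData\\Local\\Temp\\invoice.exe","type":"registry_access","object":"\\REGISTRY\\MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion"}
{"ts":"2022-08-09T10:15:01.250","pid":4120,"image":"C:\\Users\\user\\AppData\\Local\\Temp\\invoice.exe","type":"registry_access","object":"\\REGISTRY\\MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip"}
{"ts":"2022-08-09T10:15:01.300","pid":4120,"image":"C:\\Users\\user\\AppData\\Local\\Temp\\invoice.exe","type":"registry_access","object":"\\REGISTRY\\MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Google Chrome"}
{"ts":"2022-08-09T10:15:01.400","pid":4120,"image":"C:\\Users\\user\\AppData\\Local\\Temp\\invoice.exe","type":"registry_access","object":"\\REGISTRY\\MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2D9C8B4E-1F3A-4C6B-9A7D-0E5F1B2C3D4E}"}
{"ts":"2022-08-09T10:15:02.000","pid":4120,"image":"C:\\Users\\user\\AppData\\Local\\Temp\\invoice.exe","type":"registry_access","object":"\\REGISTRY\\MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Mozilla Firefox 103.0 (x64 en-US)"}
{"ts":"2022-08-09T10:15:02.500","pid":4120,"image":"C:\\Users\\user\\AppData\\Local\\Temp\\invoice.exe","type":"registry_access","object":"\\REGISTRY\\MACHINE\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Notepad++"}
{"ts":"2022-08-09T10:15:03.000","pid":4120,"image":"C:\\Users\\user\\AppData\\Local\\Temp\\invoice.exe","type":"registry_access","object":"\\REGISTRY\\MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VLC media player"}
{"ts":"2022-08-09T10:15:04.000","pid":2288,"image":"C:\\Windows\\System32\\msiexec.exe","type":"registry_access","object":"\\REGISTRY\\MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{7A1B2C3D-4E5F-4A6B-8C9D-0E1F2A3B4C5D}"}
{"ts":"2022-08-09T10:15:05.000","pid":4120,"image":"C:\\Users\\user\\AppData\\Local\\Temp\\invoice.exe","type":"network_connect","dst_ip":"193.106.191.165","dst_port":39482}
{"ts":"2022-08-09T10:15:06.000","pid":888,"image":"C:\\Windows\\System32\\svchost.exe","type":"network_connect","dst_ip":"13.107.4.50","dst_port":443}
"""


def parse_events(text):
    """Parse JSON-lines telemetry into dicts, converting timestamps to datetime."""
    events = []
    for line in text.strip().splitlines():
        ev = json.loads(line)
        ev["ts"] = datetime.fromisoformat(ev["ts"])
        events.append(ev)
    return events


def detect_uninstall_enumeration(events, threshold=5, window=timedelta(seconds=30)):
    """Flag a process that touches at least `threshold` distinct Uninstall subkeys
    within `window`. A single key (an installer registering itself) stays silent;
    a burst across many products is the inventory behaviour the report describes."""
    hits = defaultdict(list)  # (pid, image) -> [(ts, subkey)]
    for ev in events:
        if ev["type"] != "registry_access":
            continue
        m = UNINSTALL_RE.search(ev["object"])
        if m:
            hits[(ev["pid"], ev["image"])].append((ev["ts"], m.group(1).lower()))

    alerts = []
    for (pid, image), seq in hits.items():
        seq.sort()
        for i, (start, _) in enumerate(seq):
            distinct = set()
            for ts, key in seq[i:]:
                if ts - start > window:
                    break
                distinct.add(key)
            if len(distinct) >= threshold:
                alerts.append({"rule": "uninstall_key_enumeration", "pid": pid,
                               "image": image, "distinct_keys": len(distinct),
                               "first_seen": start.isoformat()})
                break  # one alert per process is enough
    return alerts


def detect_c2_connection(events, c2=(C2_HOST, C2_PORT)):
    """Flag any outbound connection to the extracted RedLine C2 endpoint."""
    return [
        {"rule": "redline_c2_connection", "pid": ev["pid"], "image": ev["image"],
         "dst": f'{ev["dst_ip"]}:{ev["dst_port"]}', "ts": ev["ts"].isoformat()}
        for ev in events
        if ev["type"] == "network_connect" and (ev["dst_ip"], ev["dst_port"]) == c2
    ]


def run_detections(log_text=SAMPLE_LOG):
    """Run both rules over a telemetry blob and return the combined alerts."""
    events = parse_events(log_text)
    return detect_uninstall_enumeration(events) + detect_c2_connection(events)


if __name__ == "__main__":
    for alert in run_detections():
        print(json.dumps(alert))
```

Against the constructed log this raises exactly two alerts, both on pid 4120 (invoice.exe): six distinct Uninstall subkeys within two seconds, then the connection to 193.106.191.165:39482. The C2 match is a plain IOC check and ages as soon as the operator rotates infrastructure; the enumeration rule is behavioural and survives that, but legitimate inventory agents (SCCM, vulnerability scanners, RMM tools) enumerate the same keys and need an allowlist on the image path, and the rule only works where registry reads are actually recorded.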