General
- Target: ce49dc69072fce2ed2f0809fa84a35e97b344a087517d4c58e5fb4db851b7cbe
- Size: 444KB
- Sample: 220810-mjyqfshbcj
- MD5: 56c1e3f57465e80af6b54cf0a424d9e9
- SHA1: d8eb2748f4f25c23ced7e4743cd8472134da08a6
- SHA256: ce49dc69072fce2ed2f0809fa84a35e97b344a087517d4c58e5fb4db851b7cbe
- SHA512: bf46ebd5a150734540c04eb5eb0617994e60d1e8491ba17048d8d9b65de7a870f63d3651aaa82d54efe38eb60f7e51a7b5be022a5d30702f77bedb7567d090e6
Static task: static1
Malware Config
Extracted
- Family: redline
- Botnet: ruzki
- C2: 193.106.191.165:39482
- auth_value: 71a0558c0eea274a5bd617ea85786884
Targets
- Target: ce49dc69072fce2ed2f0809fa84a35e97b344a087517d4c58e5fb4db851b7cbe
- Size: 444KB
- MD5: 56c1e3f57465e80af6b54cf0a424d9e9
- SHA1: d8eb2748f4f25c23ced7e4743cd8472134da08a6
- SHA256: ce49dc69072fce2ed2f0809fa84a35e97b344a087517d4c58e5fb4db851b7cbe
- SHA512: bf46ebd5a150734540c04eb5eb0617994e60d1e8491ba17048d8d9b65de7a870f63d3651aaa82d54efe38eb60f7e51a7b5be022a5d30702f77bedb7567d090e6
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.