General

Target: 326ceceefb3363ea3973f83f6cc829a5f5e862f560864563b63c891d7ccf828a
Size: 444KB
Sample: 220810-nq7glsbeg4
MD5: 2ad09a64c05696545c747d8cb9275f81
SHA1: 63058653c9006c1c42735e88c52e000a9c210940
SHA256: 326ceceefb3363ea3973f83f6cc829a5f5e862f560864563b63c891d7ccf828a
SHA512: 28fb0746c42144c3e52b777aa0e6777e7de4745bf9c6806918ac1438b0174b4964b9cf9b65a20a1cdd1f207615c5174b46a6fa87e9b1e586cb556e3bf0bec4e4

Static task: static1

Malware Config

Extracted:
redline
ruzki
193.106.191.165:39482
auth_value: 71a0558c0eea274a5bd617ea85786884

Targets

Target: 326ceceefb3363ea3973f83f6cc829a5f5e862f560864563b63c891d7ccf828a
Size: 444KB
MD5: 2ad09a64c05696545c747d8cb9275f81
SHA1: 63058653c9006c1c42735e88c52e000a9c210940
SHA256: 326ceceefb3363ea3973f83f6cc829a5f5e862f560864563b63c891d7ccf828a
SHA512: 28fb0746c42144c3e52b777aa0e6777e7de4745bf9c6806918ac1438b0174b4964b9cf9b65a20a1cdd1f207615c5174b46a6fa87e9b1e586cb556e3bf0bec4e4

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.