General
Target: ca8304f5a96733419879007eab4309ff294bed49725dc504c268e19f80dc5770
Size: 271KB
Sample: 220811-we2qzsadfr
MD5: 36fc16e7ec9f0488ca0b5223a1f69183
SHA1: 652feba93796b18a7db93c4a8b87f96e99492a2f
SHA256: 74ddbbcc906be934fbaed167e4ae77a5b74a60e47823ca2916ef10e999076c72
SHA512: 8d10d5b334c66db1d678f9bb457d1270d7e993b1711affc8a22b9273f7d58b6624cd372423ac4c9019fcee69290cd55cf8449f86909a491180dba046a22b9577

Static task: static1
Behavioral task: behavioral1
Sample: ca8304f5a96733419879007eab4309ff294bed49725dc504c268e19f80dc5770.exe
Resource: win7-20220715-en

Malware Config
Extracted: redline
ruzki
193.106.191.165:39482
auth_value: 71a0558c0eea274a5bd617ea85786884

Targets
Target: ca8304f5a96733419879007eab4309ff294bed49725dc504c268e19f80dc5770
Size: 352KB
MD5: 2996fa59a960ae2d684611ed2a3e7916
SHA1: 673579a894515e3a43d44dc134466c170aa692e7
SHA256: ca8304f5a96733419879007eab4309ff294bed49725dc504c268e19f80dc5770
SHA512: 585c606c571d98d37ddc7ce79f3f7959ba7890150fab1656d2eecab7b6e11c0925ce81aeda80b7c5211ab91e8511a8d9a1a108017df574d6cc78272e199d6464

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.