General
Target: fdd5a37e217246392a4367907cd00bb95e83274cc44df045a0d29046df4240ec
Size: 271KB
Sample: 220812-bs7tyaehen
MD5: 54a2e012c33b48d1f4b1d68cb42b5d97
SHA1: 127e4d42b34241fe9d4188a865c7597d8de40372
SHA256: 8cef687b60ca05fde9a6a17ed3095da23652966e92a9903f163b23e15fb1308a
SHA512: 16599fb5b9252019c4eed7d326f959ba06718f39438eef427530ae79c2f3de30b0fc493c95361b5fe813e58fb6c9abf48720c3e125cbaf67c97a6a3dc58031bf
Static task: static1
Behavioral task: behavioral1
Sample: fdd5a37e217246392a4367907cd00bb95e83274cc44df045a0d29046df4240ec.exe
Resource: win7-20220718-en
Malware Config
Extracted: redline
ruzki
193.106.191.165:39482
auth_value: 71a0558c0eea274a5bd617ea85786884
Targets
Target: fdd5a37e217246392a4367907cd00bb95e83274cc44df045a0d29046df4240ec
Size: 352KB
MD5: bc34d361563073a2ddd322e9345113bc
SHA1: 27830da34edca69058200ec8a41a1426e9c1a5f6
SHA256: fdd5a37e217246392a4367907cd00bb95e83274cc44df045a0d29046df4240ec
SHA512: d2524fc39340df50b548cf5f7f59867fa4408035d0fa947ea611e33693b151e3196e66fe42bb22241a72cf6cf66e093f9dce691d43e76e33ee313200fe5e30ac
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.