General
-
Target
442e4ac20bf464693191725ebc0312d565365195a110fc36c1ac7ee0d7a57901
-
Size
354KB
-
Sample
220812-k1e9bsbcfn
-
MD5
a2379ee016504345cdca39d6410f33d8
-
SHA1
691c92acfbbc41af017f60a890780f074f64ff29
-
SHA256
442e4ac20bf464693191725ebc0312d565365195a110fc36c1ac7ee0d7a57901
-
SHA512
d357835033b5ce21f246a6db0a16ac21b9503131b29e9a8cdfbf4fd5c7ad5210c8b09cca30039d6ee654a5521262d0edc3d0d548372e7ff77d64751b4fec1f90
Static task
static1
Malware Config
Extracted
redline
ruzki
193.106.191.165:39482
-
auth_value
71a0558c0eea274a5bd617ea85786884
Targets
-
-
Target
442e4ac20bf464693191725ebc0312d565365195a110fc36c1ac7ee0d7a57901
-
Size
354KB
-
MD5
a2379ee016504345cdca39d6410f33d8
-
SHA1
691c92acfbbc41af017f60a890780f074f64ff29
-
SHA256
442e4ac20bf464693191725ebc0312d565365195a110fc36c1ac7ee0d7a57901
-
SHA512
d357835033b5ce21f246a6db0a16ac21b9503131b29e9a8cdfbf4fd5c7ad5210c8b09cca30039d6ee654a5521262d0edc3d0d548372e7ff77d64751b4fec1f90
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-