General
-
Target
e84f79bcc4945fd911653338bb8ce87b35ca205b2d6a3cd02e696b16546b88bb
-
Size
397KB
-
Sample
220812-xj2r8abae6
-
MD5
11bed2adce5eff4156c3c2a40d2cc8b8
-
SHA1
541b715126b9c26d5e7bea598ed90f05f58695cd
-
SHA256
e84f79bcc4945fd911653338bb8ce87b35ca205b2d6a3cd02e696b16546b88bb
-
SHA512
be19a440b2ce541f82ad53b389989a083b1e83a4bfa0563bc6a3fe68922367c00d46ffc6b53786b4a11c369e81c03e722cfe99b872ccc65d12e22403f2f3c1a4
Static task
static1
Malware Config
Extracted
redline
ruzki
193.106.191.165:39482
-
auth_value
71a0558c0eea274a5bd617ea85786884
Targets
-
-
Target
e84f79bcc4945fd911653338bb8ce87b35ca205b2d6a3cd02e696b16546b88bb
-
Size
397KB
-
MD5
11bed2adce5eff4156c3c2a40d2cc8b8
-
SHA1
541b715126b9c26d5e7bea598ed90f05f58695cd
-
SHA256
e84f79bcc4945fd911653338bb8ce87b35ca205b2d6a3cd02e696b16546b88bb
-
SHA512
be19a440b2ce541f82ad53b389989a083b1e83a4bfa0563bc6a3fe68922367c00d46ffc6b53786b4a11c369e81c03e722cfe99b872ccc65d12e22403f2f3c1a4
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-