General
- Target: b2ba97534d4f06a680b89e7a72f9bd2d.exe
- Size: 107KB
- Sample: 220815-gphzasfahq
- MD5: b2ba97534d4f06a680b89e7a72f9bd2d
- SHA1: 94621d3abcb442cabbdbb98bc8c348d87b63e55b
- SHA256: 5bea873f424343d158a59032eba5e9d54a7e21634169eb6a95c9d6a11cd2b9f4
- SHA512: f1f5a01530f2bdd55ecfdf59005e4764ccdc57a6301431342ceca63e5428cbc717ec976b236ab71302b8b9ec80bca71714f41c2a4d8b0eb1c1fc227e235a1099
Behavioral task
- behavioral1
  - Sample: b2ba97534d4f06a680b89e7a72f9bd2d.exe
  - Resource: win7-20220812-en
Malware Config
- Extracted: redline
  - X: 45.76.223.107:25950
  - auth_value: 249e1ece2f90b39d9c5563282076f21f
Targets
- Target: b2ba97534d4f06a680b89e7a72f9bd2d.exe
- Size: 107KB
- MD5: b2ba97534d4f06a680b89e7a72f9bd2d
- SHA1: 94621d3abcb442cabbdbb98bc8c348d87b63e55b
- SHA256: 5bea873f424343d158a59032eba5e9d54a7e21634169eb6a95c9d6a11cd2b9f4
- SHA512: f1f5a01530f2bdd55ecfdf59005e4764ccdc57a6301431342ceca63e5428cbc717ec976b236ab71302b8b9ec80bca71714f41c2a4d8b0eb1c1fc227e235a1099

Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.