General
- Target: d9761ddde4c8a4cee78810cadd5b09bb1cd77af913034d138f9e5a9543d121a1
- Size: 96KB
- Sample: 220831-qzj4safaem
- MD5: 4c1c7410404e2317c912063663ebbc2f
- SHA1: 59cda3ea25aeebc5071bf736b450a4315552a0b3
- SHA256: d9761ddde4c8a4cee78810cadd5b09bb1cd77af913034d138f9e5a9543d121a1
- SHA512: 005ad71f716f45b8a998780fb7d413da79bfe152082f8a4b5ff508dfa30833923aee654923cb4739c703f141cf14a84cca49a595c60bbc647f2eba154b7fd9a6
- SSDEEP: 1536:d907jk8rolbG6jejoigIuyYLB3UicrMFW08UAiqumbfcxv0ujXyyed1oteulgS6d:A0uIYuciRWjUA57C0ujyzd5L
Behavioral task: behavioral1
- Sample: d9761ddde4c8a4cee78810cadd5b09bb1cd77af913034d138f9e5a9543d121a1.exe
- Resource: win7-20220812-en

Behavioral task: behavioral2
- Sample: d9761ddde4c8a4cee78810cadd5b09bb1cd77af913034d138f9e5a9543d121a1.exe
- Resource: win10v2004-20220812-en
Malware Config (extracted)
- Family: redline
- build
- 185.107.237.13:12183
Targets
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.