General
-
Target
http://81.161.229.110/htdocs/
-
Sample
220902-ynenxseba3
Score
10/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
http://81.161.229.110/htdocs/
Resource
win10v2004-20220812-en
windows10-2004-x64
13 signatures
150 seconds
Malware Config
Extracted
Family
redline
C2
78.24.216.5:42717
Attributes
-
auth_value
6687e352a0604d495c3851d248ebf06f
Targets
-
-
Target
http://81.161.229.110/htdocs/
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-