General
-
Target
f78e31fff494a38b41895a6bc3220016b1c818b5c59eaffb24fc0cbe2617a4fa
-
Size
266KB
-
Sample
220925-g9jrbsdfa4
-
MD5
68186067ec3f0ce6547ec400c782bb38
-
SHA1
ad1dd30c9bf72f473ff9063cf565364321916c31
-
SHA256
f78e31fff494a38b41895a6bc3220016b1c818b5c59eaffb24fc0cbe2617a4fa
-
SHA512
dad74ba61966cef1b8724fa7afdb9d3cb178a71afe57d629454673335be66d26be1c6d12561a483b931d1cde748206dc2c5912875f52e846794a980237b3546a
-
SSDEEP
6144:+s8WldtKTVx3OV6JkuHge9iUN9rdjAyX7KdjHve:P8ktqxnHge9is99AddDG
Static task
static1
Behavioral task
behavioral1
Sample
Smart-Youtube電腦版.exe
Resource
win7-20220812-en
Malware Config
Extracted
Family: redline
Botnet: 20220916
C2: 193.188.21.37:16640
-
Attributes
auth_value: a1b5897e8904004e7a7f18a9d0c92349
Targets
-
Target
Smart-Youtube電腦版.exe
-
Size
343KB
-
MD5
df97051837da4d7f0eeb5c4de4064644
-
SHA1
8a8b03fd0985c05d397a8e09f82a585f64468956
-
SHA256
56a447bd98b647f83c6c6f202da3a17e905d3e327629372833b3825ca913a4d8
-
SHA512
31770cd589be1fe90e7138f9db3cda01e078fff015a19049afec899d84dbdf99e47b43ca8b0c06f810c4227709b373ac859979963c70febfa19d3014714d053d
-
SSDEEP
6144:ALnd3WldtKTVl3OV6JkqHgK9iUN9PdjAy1+rmm:Ajd3ktqlRHgK9is9RAyW
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
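Added example, not code from the sandbox report or from the RedLine family itself: a small Python triage pass that turns the extracted config above (the C2 endpoint and the two SHA256 hashes) and the "Checks installed software" signature into checks over constructed, hypothetical log lines. The `id=... key=value` line format, the function names `parse_log`, `match_event`, `triage` and `verdict`, and the log content are all assumptions. One caveat built into the registry check: enumerating Uninstall keys is a registry read, which Sysmon does not record (its registry events 12, 13 and 14 cover create, delete, value-set and rename), so the check keys on Windows Security Event 4663, which only appears once an audit SACL has been placed on the key.

```python
"""Triage pass over constructed log lines using the IOCs and signatures from the report."""
import re

# IOCs copied from the report: RedLine C2 endpoint and both sample hashes.
C2_HOST = "193.188.21.37"
C2_PORT = 16640
SAMPLE_HASHES = {
    "f78e31fff494a38b41895a6bc3220016b1c818b5c59eaffb24fc0cbe2617a4fa",  # outer target
    "56a447bd98b647f83c6c6f202da3a17e905d3e327629372833b3825ca913a4d8",  # Smart-Youtube電腦版.exe
}

# Registry path behind the "Checks installed software" signature. The regex deliberately
# matches both the native and the WOW6432Node view of the Uninstall key.
UNINSTALL_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.IGNORECASE)

# Constructed sample log (hypothetical): Sysmon IDs 1 (process create) and 3 (network
# connect), plus Security Event 4663 (object access) for registry reads. pid 4120 is
# the infected process; pid 880 is benign noise.
SAMPLE_LOG = r"""
id=1 pid=4120 image=C:\Users\victim\Downloads\Smart-Youtube電腦版.exe sha256=56a447bd98b647f83c6c6f202da3a17e905d3e327629372833b3825ca913a4d8
id=4663 pid=4120 object_type=Key object_name=\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall
id=3 pid=4120 dst_ip=193.188.21.37 dst_port=16640
id=3 pid=880 dst_ip=93.184.216.34 dst_port=443
id=4663 pid=880 object_type=Key object_name=\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"""

INT_FIELDS = {"id", "pid", "dst_port"}


def parse_log(text):
    """Parse 'key=value' tokens per line into dicts; numeric fields become ints."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ev = {}
        for tok in line.split():
            key, _, val = tok.partition("=")
            ev[key] = int(val) if key in INT_FIELDS else val
        events.append(ev)
    return events


def match_event(ev):
    """Return the rule names an event satisfies (empty list when none)."""
    hits = []
    # Rule 1: execution of a binary whose hash the report lists.
    if ev.get("id") == 1 and ev.get("sha256", "").lower() in SAMPLE_HASHES:
        hits.append("known-sample-executed")
    # Rule 2: outbound connection to the extracted C2 host:port.
    if ev.get("id") == 3 and ev.get("dst_ip") == C2_HOST and ev.get("dst_port") == C2_PORT:
        hits.append("redline-c2-connect")
    # Rule 3: read access to the Uninstall key (needs an audit SACL to be logged).
    if (ev.get("id") == 4663 and ev.get("object_type") == "Key"
            and UNINSTALL_RE.search(ev.get("object_name", ""))):
        hits.append("uninstall-key-enumeration")
    return hits


def triage(events):
    """Group rule hits by process id so each process's behaviour chain is visible."""
    by_pid = {}
    for ev in events:
        for rule in match_event(ev):
            by_pid.setdefault(ev["pid"], []).append(rule)
    return by_pid


def verdict(rules):
    """Hard IOCs (hash, C2) are conclusive; behaviour alone is only suspicious."""
    if "known-sample-executed" in rules or "redline-c2-connect" in rules:
        return "infected"
    return "suspicious" if rules else "clean"


if __name__ == "__main__":
    for pid, rules in triage(parse_log(SAMPLE_LOG)).items():
        print(pid, verdict(rules), rules)
```

The Uninstall-key rule on its own is weak (installers, inventory agents and Windows itself read that key), which is why `verdict` only escalates to "infected" on the hash or C2 match; in a real deployment, feed `match_event` from the SIEM's parsed fields rather than this `key=value` stand-in.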