General
Target: b46b0fb965fe4256236a69f69a8464cac051771c4bd70ff3cb9314ae72c7eebe
Size: 293KB
Sample: 221003-pr17nafeh7
MD5: ffe21d543e5a63a261aa4c99ee67af1d
SHA1: c705bf3c74f8b5207f889eeb56c42c717d089a5a
SHA256: b46b0fb965fe4256236a69f69a8464cac051771c4bd70ff3cb9314ae72c7eebe
SHA512: daf6d56a54bc6aa0d0a213a7807a2d30450ef43a1d3db97559eb5de8f5b8940b6f4ca4121d4a32e08a42b243ed2b52d3ffe5406e31a6525da72e550714736e7d
SSDEEP: 6144:nB+Zftqjr82mKeNAS6jQe7j4et5ULusx8UYr+HV2o:nB+ZGrJ9lSE/4VLaR+3
Static task: static1
Behavioral task: behavioral1
Sample: b46b0fb965fe4256236a69f69a8464cac051771c4bd70ff3cb9314ae72c7eebe.exe
Resource: win7-20220812-en
Malware Config
Extracted: redline
20221001
89.22.235.53:16640
auth_value: 7c7a8658971281de82db43a3b9284d97
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.