General
Target: file
Size: 387KB
Sample: 221027-2t1ecsdhb6
MD5: eef7bff3bcfe0c1c71cbac1e68817321
SHA1: 298b6b75fb1718d3a5dd509540693e54fc60418e
SHA256: 1b5a97d9c984fe0565dc790706333a183ea99de1f52c30f4137bd6504a0cd04e
SHA512: 5cdce3539d4b0e698ef043968b347fc148ad1011e9b4a8f47da7962ec3f8554ce6c73b309fb9d83f68bfbcaba24e3614d705e6eb1881b32284de9f732a298b9a
SSDEEP: 6144:osiqTMGvE7R+N1DJP+TTNN9+NcC+lXQKreIZzAZwz80:oPqTMRWPGNN9+TydAZcB
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220812-en
Malware Config
Extracted
redline
dzkey
193.106.191.19:47242
auth_value: 52a449fd61ad73c3abc266d47c699ceb
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.