General
Target: f918a8fd87946794f53c622d6c59cae13cfb0c75738f3af5e782b06b8681609e
Size: 387KB
Sample: 221027-y5mqvsdcg3
MD5: b22914d44bb8ada73aca557a72346531
SHA1: 2e02ad271a6ab77ef3650633811183d7835e2a51
SHA256: f918a8fd87946794f53c622d6c59cae13cfb0c75738f3af5e782b06b8681609e
SHA512: 0ef8f801184a1b6b93f346fc60ee7a0a7e0c5df40324c6525c2b482fc70ad75225568c14cb80ed047d1188e90f860e8168a9f9c7fc5ccb5afc5d3585931a93d6
SSDEEP: 6144:4AiqTn+fYqqejWw0ncDYJGahdIirxR+e0:4DqTn+wpejWznrjIMT+v
Static task: static1
Malware Config
Extracted: redline
Botnet: dzkey
C2: 193.106.191.19:47242
auth_value: 52a449fd61ad73c3abc266d47c699ceb
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.