General

Target: 1cf61889eb384eb6c7a802ea321cef67f89a9d98a8ebda4b6932f18d04f970e9
Size: 363KB
Sample: 221031-1vy29aedan
MD5: 93f7660beff9522e5f78452dcb2feb67
SHA1: 76b18162ed6077db0397050807f1debffa7de02f
SHA256: 1cf61889eb384eb6c7a802ea321cef67f89a9d98a8ebda4b6932f18d04f970e9
SHA512: 20179c9f201580aefa2a558d6c973fcfbae74d92ed39f80a2ddf9da6d1d2b012cbeb1aa391d11c1881afc1a9558761dbd4bb2fb0f4a53629d3d909eee7287692
SSDEEP: 6144:SEWzZTytzdL4XSKsUpkRH0kiPs7EUyBgiFHDAWlT76uin3hPq:SEiZ21dIS7RHdn71QFlnLitq
Static task: static1

Malware Config

Extracted
redline
doz
193.106.191.21:47242
auth_value: 0c1f6245fdf34473eba636d447c5c2a3
Targets

Target: 1cf61889eb384eb6c7a802ea321cef67f89a9d98a8ebda4b6932f18d04f970e9
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.