General
Target: 6a60515816df6f3e068311261addb68246ff784d729709355affc3351ce42586
Size: 405KB
Sample: 221106-ysxejacccn
MD5: 597761b6683669e1e9d1283008dfa331
SHA1: 141ea5c61c74e990619c4bf1c0e7f916877849a3
SHA256: 6a60515816df6f3e068311261addb68246ff784d729709355affc3351ce42586
SHA512: 8b07bbcef14cdb4b083a6613d83f3564efb296a1d2aa5a1397c9f2841840bbc3d6865d1c44184fa60d33b25ddf4fd8b0dad50460d35f079f67838a2c017a32e5
SSDEEP: 6144:wI1np/PG+W6xeIcBIytOH61PBwolAXM9kmt7vFz9XaWEJR70Zf3ChYJ:pnp1Fe1u61JVt9ntrB9qWch8
Static task: static1
Malware Config
Extracted from the static task:
Family: redline
Botnet: suk
C2: 193.106.191.25:47242
Attributes
auth_value: 9762d5bcad64c7855837e80c232c7e77
Targets
Target: 6a60515816df6f3e068311261addb68246ff784d729709355affc3351ce42586 (405KB; the MD5, SHA1, SHA256, SHA512 and SSDEEP values are identical to those listed under General above)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry (SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall under HKLM and HKCU) to enumerate software installed on the system.
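The report above exposes three observables a defender can act on: the file hashes, the extracted C2 endpoint 193.106.191.25:47242, and the behaviour of reading many Uninstall subkeys to inventory installed software. The following is an added example, not part of the sandbox report or the RedLine code, that turns those into detection logic over constructed Sysmon-style key=value log lines. The field names, the allow-list of processes that legitimately walk Uninstall keys, and the two-subkey enumeration threshold are assumptions for the example.

```python
import re
from collections import defaultdict

# Indicators copied from the report above.
IOC_HASHES = {
    "597761b6683669e1e9d1283008dfa331",                                  # MD5
    "141ea5c61c74e990619c4bf1c0e7f916877849a3",                          # SHA1
    "6a60515816df6f3e068311261addb68246ff784d729709355affc3351ce42586",  # SHA256
}
IOC_C2 = ("193.106.191.25", "47242")

# Registry path fragment the "Checks installed software" signature keys on
# (matched case-insensitively, so HKLM, HKCU and WOW6432Node variants all hit).
UNINSTALL_KEY = "\\microsoft\\windows\\currentversion\\uninstall\\"

# Assumption: processes that legitimately enumerate Uninstall keys here.
ALLOWED_ENUMERATORS = {"msiexec.exe", "wmiprvse.exe", "sihost.exe"}
# Assumption: reads of two or more distinct Uninstall subkeys by one process
# count as enumeration rather than a one-off lookup.
ENUM_THRESHOLD = 2

_KV = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_line(line):
    """Turn one 'k=v k="v with spaces"' record into a dict of strings."""
    return {k: (q or u) for k, q, u in _KV.findall(line)}


def image_name(path):
    """Basename of a Windows image path, lower-cased."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def detect(log_text):
    """Return {pid: set(rule names)} for every process that trips an indicator."""
    hits = defaultdict(set)
    uninstall_subkeys = defaultdict(set)  # pid -> distinct Uninstall subkeys read
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        ev = parse_line(raw)
        pid, kind = ev.get("pid"), ev.get("event")
        if kind == "ProcessCreate":
            if any(ev.get(h, "").lower() in IOC_HASHES for h in ("md5", "sha1", "sha256")):
                hits[pid].add("hash_match")
        elif kind == "NetworkConnect":
            if (ev.get("dst"), ev.get("dport")) == IOC_C2:
                hits[pid].add("c2_connect")
        elif kind == "RegistryEvent":
            target = ev.get("target", "").lower()
            idx = target.find(UNINSTALL_KEY)
            if idx != -1 and image_name(ev.get("image", "")) not in ALLOWED_ENUMERATORS:
                subkey = target[idx + len(UNINSTALL_KEY):].split("\\", 1)[0]
                uninstall_subkeys[pid].add(subkey)
                if len(uninstall_subkeys[pid]) >= ENUM_THRESHOLD:
                    hits[pid].add("uninstall_enum")
    return dict(hits)


# Constructed log: pid 4112 is the sample; pid 900 is msiexec doing the same
# registry walk legitimately; pid 2200 reads a single Uninstall subkey only.
SAMPLE_LOG = r"""
event=ProcessCreate pid=4112 image="C:\Users\victim\AppData\Local\Temp\update.exe" sha256=6a60515816df6f3e068311261addb68246ff784d729709355affc3351ce42586
event=RegistryEvent pid=4112 image="C:\Users\victim\AppData\Local\Temp\update.exe" target="HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\DisplayName"
event=RegistryEvent pid=4112 image="C:\Users\victim\AppData\Local\Temp\update.exe" target="HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName"
event=NetworkConnect pid=4112 image="C:\Users\victim\AppData\Local\Temp\update.exe" dst=193.106.191.25 dport=47242
event=ProcessCreate pid=900 image="C:\Windows\System32\msiexec.exe"
event=RegistryEvent pid=900 image="C:\Windows\System32\msiexec.exe" target="HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName"
event=RegistryEvent pid=900 image="C:\Windows\System32\msiexec.exe" target="HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\DisplayName"
event=NetworkConnect pid=900 image="C:\Windows\System32\msiexec.exe" dst=203.0.113.10 dport=443
event=RegistryEvent pid=2200 image="C:\Program Files\Tool\tool.exe" target="HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Tool\DisplayVersion"
"""

if __name__ == "__main__":
    for pid, rules in sorted(detect(SAMPLE_LOG).items()):
        print(pid, sorted(rules))
```

Only pid 4112 is reported, with all three rules; msiexec is excluded by the allow-list and pid 2200 stays under the enumeration threshold. In a real pipeline the hash rule is the weakest of the three, since trivial repacking changes every hash while the C2 endpoint and the registry walk survive.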