General

Target: 197cf74cd5fbc150cc7d98e0e41a3daf2b4bbc473f8d311a304ccf28c9e625c4
Size: 340KB
Sample: 221111-pwcpvsfd75
MD5: 3c55dddf974dd578b3395abb260c7552
SHA1: 7722f71667f6ab4f884decdce9f2b07951e454f2
SHA256: 197cf74cd5fbc150cc7d98e0e41a3daf2b4bbc473f8d311a304ccf28c9e625c4
SHA512: 37e1b0123a96fb7f6f337ab524a424121d0626ebbe6fd71be8fdd1de247468b4f9ba2a32031e61c1d0852bf0559ce462f17023040befe67e4dae26c65191f056
SSDEEP: 6144:y24L9j+GD8ndJEDmxpWtzgABLE5kwrJ4qQhpPhoejhmTcQ:yrBj+GWrCx5Y/rJ44CmT

Static task: static1

Malware Config (extracted)

Family: redline
Botnet: neruzki
C2: 193.106.191.22:47242
auth_value: be14ae67c6dd227f622680a27ea42452
Targets

Target: 197cf74cd5fbc150cc7d98e0e41a3daf2b4bbc473f8d311a304ccf28c9e625c4
Size: 340KB
MD5: 3c55dddf974dd578b3395abb260c7552
SHA1: 7722f71667f6ab4f884decdce9f2b07951e454f2
SHA256: 197cf74cd5fbc150cc7d98e0e41a3daf2b4bbc473f8d311a304ccf28c9e625c4
SHA512: 37e1b0123a96fb7f6f337ab524a424121d0626ebbe6fd71be8fdd1de247468b4f9ba2a32031e61c1d0852bf0559ce462f17023040befe67e4dae26c65191f056
SSDEEP: 6144:y24L9j+GD8ndJEDmxpWtzgABLE5kwrJ4qQhpPhoejhmTcQ:yrBj+GWrCx5Y/rJ44CmT

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.