General
Target: file.exe
Size: 345 KB
Sample: 221111-t7ncysha97
MD5: 50a38e888d4e00300c91ac82717d217f
SHA1: 1c006ca576abd79c024f496b746df5f5367f3b6e
SHA256: 2ff12d29622c3ec451952d6d2905b786fad7db0d7a446d6380b82c2597534738
SHA512: 1b1d1eac0e6364d99c3d064fa269b42bebae4ca3acfee728b3b0073cc6589b99cfe56525ff1df70ff79defb2171673af94b7497c6e76d5e8ab54cacc6205e27f
SSDEEP: 6144:Zm9ht0POLRQEi/4TTzT78yn1jrg4k0WeYxEiu6ijOgszC:Zm9yOtQEi/4v78i+MWe011UOgH
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220812-en
Malware Config
Extracted family: redline
Botnet: neruzki
C2: 193.106.191.22:47242
auth_value: be14ae67c6dd227f622680a27ea42452
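The indicators above (file hashes and the RedLine C2 endpoint) are the parts of this report a responder can act on directly. The following Python sweep is an added example, not part of the sandbox report: it hashes a suspect file and compares every algorithm against the report (not just MD5, which is collision-prone), and it classifies Zeek conn.log records against the C2 host and port. The hash and C2 values are copied from this report; the Zeek JSON field names (ts, id.orig_h, id.resp_h, id.resp_p) are Zeek's own, and the three log records embedded below are constructed for illustration.

```python
"""IOC sweep for the RedLine sample in this report.

Added example, not part of the sandbox report. Hash and C2 values are copied
from the report; the Zeek-style conn.log records are constructed for illustration.
"""
import hashlib
import json
from typing import Iterable, List, Optional, Tuple

# Indicators copied from the report above.
SAMPLE_HASHES = {
    "md5": "50a38e888d4e00300c91ac82717d217f",
    "sha1": "1c006ca576abd79c024f496b746df5f5367f3b6e",
    "sha256": "2ff12d29622c3ec451952d6d2905b786fad7db0d7a446d6380b82c2597534738",
}
C2_HOST = "193.106.191.22"
C2_PORT = 47242


def hash_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256 of a blob as lowercase hex, the report's format."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def hash_file(path: str) -> dict:
    """Hash a file on disk in 1 MiB chunks so large samples need not fit in memory."""
    digests = {name: hashlib.new(name) for name in SAMPLE_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for d in digests.values():
                d.update(chunk)
    return {name: d.hexdigest() for name, d in digests.items()}


def matches_sample(hashes: dict) -> bool:
    """True only when every algorithm agrees with the report.

    An MD5-only match is not trusted on its own: MD5 collisions are cheap,
    and the report gives us SHA1 and SHA256 to corroborate.
    """
    return all(hashes.get(name) == value for name, value in SAMPLE_HASHES.items())


def classify_conn(record: dict) -> Optional[str]:
    """Classify one Zeek conn.log JSON record against the C2 indicator.

    'c2'       exact host:port from the extracted config
    'c2_host'  same host, different port; RedLine operators rotate ports, so
               the address alone still deserves an alert at lower confidence
    None       no match
    """
    if record.get("id.resp_h") != C2_HOST:
        return None
    return "c2" if record.get("id.resp_p") == C2_PORT else "c2_host"


def scan_conn_log(lines: Iterable[str]) -> List[Tuple[float, str, str]]:
    """Return (ts, originating host, verdict) for every record touching the C2 host."""
    hits = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        rec = json.loads(line)
        verdict = classify_conn(rec)
        if verdict is not None:
            hits.append((rec["ts"], rec["id.orig_h"], verdict))
    return hits


# Constructed Zeek conn.log records (JSON output format), not real traffic:
# one exact C2 hit, one unrelated HTTPS flow, one contact with the C2 host on another port.
SAMPLE_CONN_LOG = [
    '{"ts":1668159001.1,"id.orig_h":"10.0.0.15","id.resp_h":"193.106.191.22","id.resp_p":47242,"proto":"tcp"}',
    '{"ts":1668159002.2,"id.orig_h":"10.0.0.15","id.resp_h":"142.250.74.14","id.resp_p":443,"proto":"tcp"}',
    '{"ts":1668159003.3,"id.orig_h":"10.0.0.22","id.resp_h":"193.106.191.22","id.resp_p":8080,"proto":"tcp"}',
]

if __name__ == "__main__":
    for hit in scan_conn_log(SAMPLE_CONN_LOG):
        print(hit)
    print("benign blob matches sample:", matches_sample(hash_bytes(b"not the sample")))
```

To sweep a real host, feed `scan_conn_log` the lines of a Zeek `conn.log` written with JSON output, and call `hash_file` on any dropped executable before comparing with `matches_sample`. The SSDEEP value from the report is deliberately not used here: fuzzy hashing needs the ssdeep library and is useful for finding repacked variants, not for confirming this exact sample.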
Targets
Target: file.exe (345 KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the values in the General section above)
RedLine
RedLine Stealer is a malware family written in C#, first seen in early 2020.

Accesses cryptocurrency files/wallets; possible credential harvesting

Checks installed software on the system
Looks up entries under the registry Uninstall key (Software\Microsoft\Windows\CurrentVersion\Uninstall) to enumerate software installed on the system. On its own this is a low-fidelity indicator: installers and inventory agents read the same key, and key enumeration is a read operation, so it leaves no Sysmon registry event (Sysmon records key creation and deletion, value sets and renames, not reads).