General
Target: 1516d1d462c87fab8c411baff8221bbd8fc101cf4fe3116b55956958e2c7b3f5.exe
Size: 340KB
Sample: 221111-vwrrnshd45
MD5: 762ce9c48b76189143f5bddfbc541ce8
SHA1: 593d7c24d59e5bb81a6c13d8287b55ee50addb3b
SHA256: 1516d1d462c87fab8c411baff8221bbd8fc101cf4fe3116b55956958e2c7b3f5
SHA512: 8d28099429f2c88f23a3256277a73f6669c89dd8f9ac2b50f9b1f4e9158111e072281aa6cbb95e1f53fe4413b5a451f527cc33d2ee8fd025f28937d565744c58
SSDEEP: 6144:wqc/3jLe4JNwY+xpSwoVS8g2kFM+FIH+T1ZafDw51yYC0wxo:w53jy4JP+x49a8eT1+cn7N
Static task: static1
Behavioral task: behavioral1
Sample: 1516d1d462c87fab8c411baff8221bbd8fc101cf4fe3116b55956958e2c7b3f5.exe
Resource: win7-20220812-en
Malware Config
Extracted
Family: redline
Botnet: neruzki
C2: 193.106.191.22:47242
auth_value: be14ae67c6dd227f622680a27ea42452
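The one thing in the extracted config that a responder can act on immediately is the C2 socket. The script below is an added example, not part of the sandbox report or any vendor tooling: it parses Zeek conn.log records (using the #fields header rather than hard-coded column positions) and reports every connection to the C2 host, marking whether the port also matches. The conn.log excerpt is constructed so the script runs offline.

```python
"""Hunt for the extracted RedLine C2 (193.106.191.22:47242) in Zeek conn.log records.

Added example for this report; not part of the sandbox output or any vendor tool.
The conn.log excerpt below is constructed so the script runs offline.
"""
from dataclasses import dataclass
from typing import Iterator, List

# Taken from the report's Malware Config section.
C2_HOST = "193.106.191.22"
C2_PORT = 47242

# Constructed Zeek conn.log excerpt: tab-separated, with the standard #fields header.
SAMPLE_CONN_LOG = (
    "#separator \\x09\n"
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tservice\tconn_state\n"
    "1668180301.123\tCa1\t10.0.0.15\t49812\t193.106.191.22\t47242\ttcp\t-\tSF\n"
    "1668180302.456\tCa2\t10.0.0.15\t49813\t142.250.74.206\t443\ttcp\tssl\tSF\n"
    "1668180340.789\tCa3\t10.0.0.22\t51004\t193.106.191.22\t80\ttcp\thttp\tS0\n"
    "#close\t2022-11-11-16-06-00\n"
)


def parse_zeek_log(text: str) -> Iterator[dict]:
    """Yield one dict per record, keyed by the names from the #fields header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#fields\t"):
            fields = line.split("\t")[1:]
            continue
        if not line or line.startswith("#"):
            continue  # other metadata lines (#separator, #close, ...)
        if fields is None:
            raise ValueError("record seen before #fields header")
        values = line.split("\t")
        if len(values) != len(fields):
            raise ValueError(f"field count mismatch on line: {line!r}")
        yield dict(zip(fields, values))


@dataclass(frozen=True)
class C2Hit:
    ts: float
    src: str
    dst_port: int
    exact: bool  # True when both host and port match the extracted config


def find_c2_hits(text: str, host: str = C2_HOST, port: int = C2_PORT) -> List[C2Hit]:
    """Return every connection to the C2 host.

    Matching on the host alone is deliberate: the same infrastructure is often
    reused on a different port, so a host-only hit should still be reviewed.
    """
    hits = []
    for rec in parse_zeek_log(text):
        if rec["id.resp_h"] != host:
            continue
        dport = int(rec["id.resp_p"])
        hits.append(C2Hit(float(rec["ts"]), rec["id.orig_h"], dport, dport == port))
    return hits


if __name__ == "__main__":
    for hit in find_c2_hits(SAMPLE_CONN_LOG):
        label = "EXACT" if hit.exact else "host-only"
        print(f"{hit.ts:.3f} {hit.src} -> {C2_HOST}:{hit.dst_port} [{label}]")
```

Run against a real conn.log by passing its contents to find_c2_hits; the exact hits identify infected hosts, the host-only hits are worth a look before being dismissed.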
Targets
Target: 1516d1d462c87fab8c411baff8221bbd8fc101cf4fe3116b55956958e2c7b3f5.exe (same file as under General; size and hashes are listed there)
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up the Uninstall key entries in the registry (subkeys of SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall under HKLM and HKCU) to enumerate software on the system.
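The two behavioral signatures above (Uninstall-key enumeration and wallet access) are individually noisy, but together they profile a stealer well. The script below is an added example, not part of the sandbox report: it builds a per-process profile from registry and file events and raises a finding when a process that is not a known inventory tool walks many Uninstall subkeys, with severity raised if it also reads wallet files. The event list, the wallet directory list and the allowlist are constructed assumptions. One caveat on telemetry: the signature is about registry reads, which Sysmon does not record (its registry events cover key create/delete, value set and rename), so a source that logs queries, such as an EDR feed or the Microsoft-Windows-Kernel-Registry ETW provider, is needed and must be mapped into the (pid, image, op, target) shape used here.

```python
"""Heuristic for the two behavioral signatures in this report: enumeration of the
registry Uninstall keys and access to cryptocurrency wallet stores.

Added example, not part of the sandbox report. The event list is constructed in a
generic shape (pid, image, op, target); mapping a real EDR/ETW feed to it is left
to the reader. The wallet directory list and the allowlist are assumptions.
"""
import re
from dataclasses import dataclass, field
from typing import Dict, List

# Matches the per-product subkeys under the Uninstall key; group 3 is the product subkey.
UNINSTALL_KEY_RE = re.compile(
    r"^(HKLM|HKCU|HKEY_LOCAL_MACHINE|HKEY_CURRENT_USER)\\SOFTWARE\\(WOW6432Node\\)?"
    r"Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)",
    re.IGNORECASE,
)
# Illustrative wallet locations under %APPDATA% (assumption; extend for your environment).
WALLET_DIR_RE = re.compile(r"\\(Electrum|Exodus|Ethereum\\keystore|Armory)\\", re.IGNORECASE)
# Tools that legitimately inventory installed software (assumption; tune per estate).
INVENTORY_ALLOWLIST = {"msiexec.exe", "ccmexec.exe"}

SAMPLE_PATH = r"C:\Users\bob\AppData\Local\Temp\1516d1d462c87fab8c411baff8221bbd8fc101cf4fe3116b55956958e2c7b3f5.exe"
MSIEXEC = r"C:\Windows\System32\msiexec.exe"
UNINSTALL = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
UNINSTALL_WOW = r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"


def _reg(pid: int, image: str, subkey: str, hive: str = UNINSTALL) -> dict:
    """Constructed registry-query event for one product subkey."""
    return {"pid": pid, "image": image, "op": "RegQueryValue", "target": f"{hive}\\{subkey}\\DisplayName"}


PRODUCTS = ("Google Chrome", "7-Zip", "Notepad++", "VLC media player", "Steam")
# Constructed telemetry: 4120 behaves like the sample, 3300 is an allowlisted inventory
# tool doing the same walk, 5000 reads a single key (normal self-check by an installer).
EVENTS = (
    [_reg(4120, SAMPLE_PATH, p) for p in PRODUCTS[:-1]]
    + [_reg(4120, SAMPLE_PATH, PRODUCTS[-1], UNINSTALL_WOW)]
    + [{"pid": 4120, "image": SAMPLE_PATH, "op": "FileRead",
        "target": r"C:\Users\bob\AppData\Roaming\Electrum\wallets\default_wallet"}]
    + [_reg(3300, MSIEXEC, p) for p in PRODUCTS]
    + [_reg(5000, r"C:\Program Files\App\app.exe", "App")]
)


@dataclass
class ProcessProfile:
    image: str
    uninstall_subkeys: set = field(default_factory=set)
    wallet_paths: set = field(default_factory=set)


@dataclass(frozen=True)
class Finding:
    pid: int
    image: str
    severity: str
    reasons: tuple


def profile_processes(events: List[dict]) -> Dict[int, ProcessProfile]:
    """Aggregate the behaviours of interest per process."""
    profiles: Dict[int, ProcessProfile] = {}
    for ev in events:
        prof = profiles.setdefault(ev["pid"], ProcessProfile(ev["image"]))
        m = UNINSTALL_KEY_RE.match(ev["target"])
        if ev["op"].startswith("Reg") and m:
            prof.uninstall_subkeys.add(m.group(3).lower())
        elif ev["op"].startswith("File") and WALLET_DIR_RE.search(ev["target"]):
            prof.wallet_paths.add(ev["target"])
    return profiles


def score(events: List[dict], min_subkeys: int = 5) -> List[Finding]:
    """Flag processes that inventory installed software and/or touch wallet stores."""
    findings = []
    for pid, prof in profile_processes(events).items():
        basename = prof.image.rsplit("\\", 1)[-1].lower()
        reasons = []
        n = len(prof.uninstall_subkeys)
        if n >= min_subkeys and basename not in INVENTORY_ALLOWLIST:
            reasons.append(f"enumerated {n} Uninstall subkeys (installed-software inventory)")
        if prof.wallet_paths:
            reasons.append(f"read {len(prof.wallet_paths)} wallet file(s)")
        if reasons:
            severity = "high" if len(reasons) == 2 else "medium"
            findings.append(Finding(pid, prof.image, severity, tuple(reasons)))
    return findings


if __name__ == "__main__":
    for f in score(EVENTS):
        print(f"[{f.severity}] pid {f.pid} {f.image}: " + "; ".join(f.reasons))
```

The threshold of five subkeys and the allowlist are the tunable parts; a single Uninstall lookup is routine for installers and updaters, and the wallet-read reason is the one that should rarely fire for anything but a wallet client itself.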