General
Target: 6cc2c859874b97c200182991581df774e1f248de8133e7d8b29a493f07089527.exe
Size: 339KB
Sample: 221111-wrdvpacd7x
MD5: a700840c0b896750a6705e0258cea6f0
SHA1: 5a4836d4e9a8900587c695135be6a5877fb895ef
SHA256: 6cc2c859874b97c200182991581df774e1f248de8133e7d8b29a493f07089527
SHA512: 4b747a8eff9fae0d97fdfaf7546a46564264713a610d765e02c2be328d3c7578cafb67dd5038a39620977f97ce6f23328e29f3c6800b1fef17571c76ad8b16a7
SSDEEP: 6144:84Y3LLokCgpf5q55SRdj+Iid1VBhTm2c9VVd+93q/1AC6Ox2YTDwoCYJucic:87L9CYZRdi7dm2cTDg3SAC6Ox50xYu
Static task: static1
Behavioral task: behavioral1
Sample: 6cc2c859874b97c200182991581df774e1f248de8133e7d8b29a493f07089527.exe
Resource: win7-20220812-en
Malware Config
Extracted: redline
neruzki
193.106.191.22:47242
auth_value: be14ae67c6dd227f622680a27ea42452
Targets
Target: 6cc2c859874b97c200182991581df774e1f248de8133e7d8b29a493f07089527.exe
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.