General
Target: 53028e41d47860f3e85545cf6f58f69096412c5b0d24cd625f3ecdfb420bcb1d
Size: 345KB
Sample: 221111-wzkcfahg27
MD5: 75456f7e25d9efed9ce47092a39e8a28
SHA1: ac7c455a206f9ea47ef27dfd73cbcd0e32c635f7
SHA256: 53028e41d47860f3e85545cf6f58f69096412c5b0d24cd625f3ecdfb420bcb1d
SHA512: f1c5584f2349aad9afbbd122a2a604f91b5cbcc7d52ae30f78867a270ed9a29e09e6d5212d43d03df563eaac0e6396aa2eee03ce18268c61942c05165fd371cb
SSDEEP: 6144:fF9XhpBLC4UzCfVif3h0rp3n/vNY6jQTOArQdowlHH27Hg12:fF9RpB24U+tiPSdnG6jEmCiH
Static task
static1

Malware Config
Extracted
Family: redline
Botnet: neruzki
C2: 193.106.191.22:47242
auth_value: be14ae67c6dd227f622680a27ea42452
Targets
Target: 53028e41d47860f3e85545cf6f58f69096412c5b0d24cd625f3ecdfb420bcb1d (same file as in General above; size and hashes identical)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.