General
Target: 850d10d258df09b4e76d52a54aaab545b3fe53c442cf94b367cf288dcb88876a.exe
Size: 504KB
Sample: 221113-xa7l4sfe5w
MD5: 7caae6585d662899aa05c7b8466628e4
SHA1: 9ead1a7f94387eab9097e198da6dac7a0ca7b516
SHA256: 850d10d258df09b4e76d52a54aaab545b3fe53c442cf94b367cf288dcb88876a
SHA512: fe8893d9a99509a65d66b4fef33663e7cf1eff365337e3c5b3591b6e4085f1313ae6c0cac6bb8503b07004e9ed2b8b9b192f483928a7c366835d7c50fb6b93a9
SSDEEP: 6144:wwzTQBt3LjnT6vELHg0WMvxltsrqhzIKKFo1VmqGSkk0qd3M1QsHpfLXwOu1ql:w3f3T6vVoxlmrqhzI1EV7h0me/LUql
Static task: static1
Behavioral task: behavioral1
Sample: 850d10d258df09b4e76d52a54aaab545b3fe53c442cf94b367cf288dcb88876a.exe
Resource: win7-20220812-en
Malware Config
Extracted: redline
neruzki
193.106.191.22:47242
auth_value: be14ae67c6dd227f622680a27ea42452
Targets
Target: 850d10d258df09b4e76d52a54aaab545b3fe53c442cf94b367cf288dcb88876a.exe
Size: 504KB
MD5: 7caae6585d662899aa05c7b8466628e4
SHA1: 9ead1a7f94387eab9097e198da6dac7a0ca7b516
SHA256: 850d10d258df09b4e76d52a54aaab545b3fe53c442cf94b367cf288dcb88876a
SHA512: fe8893d9a99509a65d66b4fef33663e7cf1eff365337e3c5b3591b6e4085f1313ae6c0cac6bb8503b07004e9ed2b8b9b192f483928a7c366835d7c50fb6b93a9
SSDEEP: 6144:wwzTQBt3LjnT6vELHg0WMvxltsrqhzIKKFo1VmqGSkk0qd3M1QsHpfLXwOu1ql:w3f3T6vVoxlmrqhzI1EV7h0me/LUql

RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.