General
Target: 435004fae2c706ab642c000d31ba4d4c126e2764c7ebc9b9acf4c8f75909f2a2
Size: 346KB
Sample: 221115-13488sca6z
MD5: e07ce214080ae0ae987866c3169b1084
SHA1: 19365c60a7e2f2c521229fe12d57da52cae402cb
SHA256: 435004fae2c706ab642c000d31ba4d4c126e2764c7ebc9b9acf4c8f75909f2a2
SHA512: a92e4a6a77834f841e1b6d6c51bac14c2c28b1a494d28c216bc73be78d8c7bdf5030027ddf6767014b0853a9a39f466a3b0424cfdb347a0454d13ea5733fcbe5
SSDEEP: 6144:ygA0RPfqWdDPESdEKgO7UMjzW7k20SNnOyICkX0stsce:yghNdzxTQ9Nn2X0

Static task
static1

Malware Config
Extracted:
redline
neruz
193.106.191.27:47242
auth_value: 0169a8759f3c9be473f782b96a6ff704
Targets
Target: 435004fae2c706ab642c000d31ba4d4c126e2764c7ebc9b9acf4c8f75909f2a2
Size: 346KB
MD5: e07ce214080ae0ae987866c3169b1084
SHA1: 19365c60a7e2f2c521229fe12d57da52cae402cb
SHA256: 435004fae2c706ab642c000d31ba4d4c126e2764c7ebc9b9acf4c8f75909f2a2
SHA512: a92e4a6a77834f841e1b6d6c51bac14c2c28b1a494d28c216bc73be78d8c7bdf5030027ddf6767014b0853a9a39f466a3b0424cfdb347a0454d13ea5733fcbe5
SSDEEP: 6144:ygA0RPfqWdDPESdEKgO7UMjzW7k20SNnOyICkX0stsce:yghNdzxTQ9Nn2X0

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.