General
Target: file.exe
Size: 347KB
Sample: 221115-2tegwscb7x
MD5: 70995945e7cd6391c744d73249da3370
SHA1: 29b4c9f86e1072451ed8abba7efa67c681e8afff
SHA256: 24f30c28deb9511472478f46db8a6e0832624fe38133a5562667a46babe8c930
SHA512: c6692d3b6ba60e2162f8f6d7862c9a55e251aa409fab769166490b507d5857eb4716a7b10a4e1579e4a37b5b2ad7cd6741d1dfbc4c4cf1c40653f2a3d81b42a9
SSDEEP: 6144:iyHaMM5qUC45Zd2XlUIgsmzINhIHluDYiXBVWNw/a1tax:iyHaMM5tC412XquNhZYBw/
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20221111-en
Malware Config
Extracted: redline
neruz
193.106.191.27:47242
auth_value: 0169a8759f3c9be473f782b96a6ff704
Targets
Target: file.exe
Size: 347KB
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.