General
Target: file.exe
Size: 347KB
Sample: 221116-ct5xeacg4z
MD5: 16ace11831cf24b53d0ce41fd601ab21
SHA1: a096d18beaf7e1d804e50c32fa722a5ca6ddbd7a
SHA256: bdcf1207d8c4c9f8274f34866675e312af6564186b0e0cf6bd8d642cda41fc69
SHA512: 1a54db0159efe895bbc8852e5db65f9b46172714255f78d67098f190211bf5b1ae1d73f5ff7b4ad95cd5d74b68ac72f0ca3057b81aae74f08acd22156be9527b
SSDEEP: 6144:VkUr14q3O4uRpN1RW3RLkiUSghTHQphDI7TGh/XQxeKyLIYwoQT+6tgjgCODzjVY:vr1buXRspg5HQphM7TY/XQaIYg+6yjk5
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220812-en
Malware Config
Extracted: redline
neruz
193.106.191.27:47242
auth_value: 0169a8759f3c9be473f782b96a6ff704
Targets
Target: file.exe
Size: 347KB
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.