General

Target: 68c4cca6b40f4a0bb6b07d561915c8cbd3146a2baaffaa720c6b0e5fe7d524c0
Size: 347KB
Sample: 221116-eezsysha68
MD5: 931f5657bf177cfe34903152abd73f98
SHA1: b13d14753a005337e973a4b380e2ed2b2dea8d21
SHA256: 68c4cca6b40f4a0bb6b07d561915c8cbd3146a2baaffaa720c6b0e5fe7d524c0
SHA512: 37eae0b2f7be6332150d5a7712679b870ed653b748b45c517905bc12cc9b4b0b1317fd97a2b536efc70851c67e31aae97781c88f4713b197235bcd6e4110f20b
SSDEEP: 6144:ei7tkFCsnrPMXrjZARnGE0htQUhBY+NRyxqP6NCStBjPm:T5kFCmrCrdA1I3YIRyIP6kIjP
Static task: static1
Malware Config

Extracted
Family: redline
Botnet: neruz
C2: 193.106.191.27:47242
auth_value: 0169a8759f3c9be473f782b96a6ff704
Targets

Target: 68c4cca6b40f4a0bb6b07d561915c8cbd3146a2baaffaa720c6b0e5fe7d524c0 (347KB; MD5, SHA1, SHA256, SHA512 and SSDEEP values are identical to those listed under General above)
Signatures

- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.