General

Target: file.exe
Size: 346KB
Sample: 221116-fhdwbsdb2y
MD5: a82165e3bd5fa28fbbbe3f57225f2a80
SHA1: ee202d3b2e513cf7e1d740e332630b0e1e8cd2c6
SHA256: 9c5600938be9c7ad0fff2304bcb344a5c323c6808043b26696252f159ac5071d
SHA512: c6b7fe6f318b3e4cfb3e42cdadf8ef710d11234cb978e0eb3494c56c923541afa08325424b9be5d959140849aeac1ca2b0d10879972e7af70f83d2355a15ffa3
SSDEEP: 6144:KVfgXVTrVzlm3VOwY8f190hUuz5c9mkitzp:KVfYB/m3wwY8f1Ghh5Ymk
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20221111-en
Malware Config

Extracted: redline
neruz
193.106.191.27:47242
auth_value: 0169a8759f3c9be473f782b96a6ff704
Targets

Target: file.exe
Size: 346KB
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.