General
- Target: db720d33df5146fd770339902f9d5ae9db807856a95f2080b8e3c9a444e44fc2.exe
- Size: 428KB
- Sample: 221116-qlqz6seh81
- MD5: 6572b92ad414cbfdaa8c1f22aa2a2d1b
- SHA1: 7a8ec27f15f5fe7031ce78ce779a89ae9816079e
- SHA256: db720d33df5146fd770339902f9d5ae9db807856a95f2080b8e3c9a444e44fc2
- SHA512: 98994fba0bbdbadb2d953b81dc6d7773d1dac46c1e4862c31dc843df8cafee017e73a3af497ef91d1d83dbda68e1ecba6b1ad8340e2d114622eacb40013ac82b
- SSDEEP: 12288:UYwNUOPC+rS44VXm73nomqYGgM9F2I4UdT:URPVrv7YmpM9F27wT
Tasks
- Static task: static1
- Behavioral task: behavioral1
- Sample: db720d33df5146fd770339902f9d5ae9db807856a95f2080b8e3c9a444e44fc2.exe
- Resource: win7-20221111-en
Malware Config
- Extracted: redline
- neruz
- 193.106.191.27:47242
- auth_value: 0169a8759f3c9be473f782b96a6ff704
Targets
- Target: db720d33df5146fd770339902f9d5ae9db807856a95f2080b8e3c9a444e44fc2.exe (428KB; hashes as listed under General)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.