General
Target: ca2d4679f79af15419f615d23db7f55e89e7fd348c0cd082726e8742b1b4906a.exe
Size: 428KB
Sample: 221116-srsr3afg7z
MD5: c63e4269092b0850b7fca86e1e13d4b5
SHA1: 8c70bec3dbf3c2194f50d740ecba1c840852967e
SHA256: ca2d4679f79af15419f615d23db7f55e89e7fd348c0cd082726e8742b1b4906a
SHA512: 20dd67006bacf1a5dc3f8b7fe71618ddadb3583fc29e2d82f4bb40362fee83a17ba525f675f3838c89962582c4451f21ee9f0b4c5ba5db3b9ef604a5a0457454
SSDEEP: 6144:jHxKLBQOKKhiqyZuCsyN3r7qkwhKXuh07e6tWg1YYVnhqyC/LjzEndTQ:jHoFQOKuPusyN3UKXB7e6tWchQvUdT
Static task: static1
Behavioral task: behavioral1
Sample: ca2d4679f79af15419f615d23db7f55e89e7fd348c0cd082726e8742b1b4906a.exe
Resource: win7-20221111-en
Malware Config
Extracted
Family: redline
Botnet: neruz
C2: 193.106.191.27:47242
auth_value: 0169a8759f3c9be473f782b96a6ff704
Targets
Target: ca2d4679f79af15419f615d23db7f55e89e7fd348c0cd082726e8742b1b4906a.exe
Size: 428KB
MD5: c63e4269092b0850b7fca86e1e13d4b5
SHA1: 8c70bec3dbf3c2194f50d740ecba1c840852967e
SHA256: ca2d4679f79af15419f615d23db7f55e89e7fd348c0cd082726e8742b1b4906a
SHA512: 20dd67006bacf1a5dc3f8b7fe71618ddadb3583fc29e2d82f4bb40362fee83a17ba525f675f3838c89962582c4451f21ee9f0b4c5ba5db3b9ef604a5a0457454
SSDEEP: 6144:jHxKLBQOKKhiqyZuCsyN3r7qkwhKXuh07e6tWg1YYVnhqyC/LjzEndTQ:jHoFQOKuPusyN3UKXB7e6tWchQvUdT
Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.