General

Target: 99d3e8e677488bed6f7ab10988da7eff0abc3032659aa1306951d9e60dcd1524
Size: 362KB
Sample: 221120-wkpcvaee2x
MD5: c394cbac9c4884f4c7bff33beda67a49
SHA1: 9f96d35177d79c6309119b3839f9881f3ae7a3df
SHA256: 65e8f9415581f21ff6a5b0ba05df7f22acf565b2bb5d959ba7fa297e3a576d92
SHA512: 44b2c91286682471efffc5cd6ca4e86e9855666bf395cb34520089d45b176e38a30771daaea8e25105cf8090d1f93718c07229ca5b3491ff39b0e538a36dc8c7
SSDEEP: 6144:r+jh7NQbaIfOm4cnHljA1U2TQldVyOH+54bqUEat5+RaUDTgvDIYs30MAlIMk:r+zxIz4IFjA1jYpH+qb6ewBgctAlu
Tasks

Static task: static1
Behavioral task: behavioral1
Sample: 99d3e8e677488bed6f7ab10988da7eff0abc3032659aa1306951d9e60dcd1524.exe
Resource: win7-20221111-en
Malware Config

Extracted
Family: redline
Botnet: dozkey
C2: 193.106.191.30:47242
Attributes:
auth_value: 6386fb6f33ca338f864abfc5f8fe1774
Targets

Target: 99d3e8e677488bed6f7ab10988da7eff0abc3032659aa1306951d9e60dcd1524
Size: 483KB
MD5: fde962fdbfea3dbac3497bd5c48cf5db
SHA1: b1af9c9043f2f6fa7c3bb805420b669b8f53f399
SHA256: 99d3e8e677488bed6f7ab10988da7eff0abc3032659aa1306951d9e60dcd1524
SHA512: 1bf0a0bb4de634a3b6740861b1e8c6af590f27bf2e2e04f0ccfacd9f607986f2d563d189035f403714fc4b96f164ab499f71a82c4a34e2ab11076f7eab69c2b3
SSDEEP: 6144:NCZGbaIfCm4cnHDjA1U2xQldVyO3+94b21hvUrCZhVV4E+O13oXc:8Z3Iv4IjjA1jSp3+eb2F0DO
Signatures

RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up entries under the registry Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, and its WOW6432Node counterpart on 64-bit Windows) to enumerate the software installed on the system. Legitimate installers and inventory tools read the same key, so this behaviour is a weak indicator on its own; the extracted C2 address and the file hashes above are the actionable indicators.
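Turning this report into something a SOC can run: the block below takes the indicators the report gives (the extracted C2 193.106.191.30:47242, the SHA256 and MD5 values of the submitted file and of the analysed target, and the Uninstall-key read behind the "Checks installed software" signature) and matches them against log lines. It is an added example, not the sandbox's own tooling and not code from the original report. The log lines are constructed for illustration, not real telemetry, and the key=value layout they use is an assumption; the regexes must be adapted to a real firewall, EDR or API-trace export.

```python
"""Match the IOCs from this report against log lines.

Added example, not part of the original report or of the sandbox's own
tooling. The log lines are constructed for illustration (not real
telemetry); the regexes assume that key=value layout and must be adapted
to a real firewall/EDR export.
"""
import re
from dataclasses import dataclass

# Network and hash IOCs copied from the report above.
C2_HOST, C2_PORT = "193.106.191.30", 47242
SHA256_IOCS = {
    "65e8f9415581f21ff6a5b0ba05df7f22acf565b2bb5d959ba7fa297e3a576d92",  # submitted file, 362KB
    "99d3e8e677488bed6f7ab10988da7eff0abc3032659aa1306951d9e60dcd1524",  # analysed target, 483KB
}
MD5_IOCS = {
    "c394cbac9c4884f4c7bff33beda67a49",
    "fde962fdbfea3dbac3497bd5c48cf5db",
}

CONN_RE = re.compile(r"\bdst=(?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d+)\b")
HASH_RE = re.compile(r"\b(?P<alg>sha256|md5)=(?P<val>[0-9A-Fa-f]{32,64})\b")
# The "Checks installed software" signature: a read of the Uninstall key.
UNINSTALL_RE = re.compile(r"\\CurrentVersion\\Uninstall\b", re.IGNORECASE)

# Constructed sample lines (not real telemetry): EDR file events, an API-trace
# registry line, and firewall connection records.
SAMPLE_LOGS = [
    "2022-11-20T14:01:59Z edr file_create host=WS-05 path=C:\\Users\\u\\Downloads\\invoice.exe "
    "sha256=99D3E8E677488BED6F7AB10988DA7EFF0ABC3032659AA1306951D9E60DCD1524",
    "2022-11-20T14:02:05Z trace pid=4120 api=RegOpenKeyExW "
    "key=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
    "2022-11-20T14:02:11Z fw conn src=10.0.0.5:51234 dst=193.106.191.30:47242 proto=tcp action=allow",
    "2022-11-20T14:02:12Z fw conn src=10.0.0.5:51235 dst=193.106.191.30:443 proto=tcp action=allow",
    "2022-11-20T14:02:13Z fw conn src=10.0.0.7:51236 dst=142.250.72.14:443 proto=tcp action=allow",
    # Near miss: last hex digit differs from the report's MD5, so it must not match.
    "2022-11-20T14:03:00Z edr file_create host=WS-09 path=C:\\Windows\\notepad.exe "
    "md5=fde962fdbfea3dbac3497bd5c48cf5dc",
]


@dataclass(frozen=True)
class Hit:
    line_no: int
    kind: str        # c2_exact | c2_host | hash | registry_uninstall
    confidence: str  # high | medium | low
    value: str


def match_iocs(lines):
    """Return one Hit per indicator found, in line order."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = CONN_RE.search(line)
        if m and m["ip"] == C2_HOST:
            if int(m["port"]) == C2_PORT:
                hits.append(Hit(n, "c2_exact", "high", f"{C2_HOST}:{C2_PORT}"))
            else:
                # Same host, other port: a second C2 port or a shared host.
                hits.append(Hit(n, "c2_host", "medium", f"{C2_HOST}:{m['port']}"))
        for h in HASH_RE.finditer(line):
            val = h["val"].lower()  # EDRs differ in hex case; the IOC sets are lower case
            known = SHA256_IOCS if h["alg"] == "sha256" else MD5_IOCS
            if val in known:
                hits.append(Hit(n, "hash", "high", val))
        if UNINSTALL_RE.search(line):
            # Installers and inventory tools read the same key: weak evidence alone.
            hits.append(Hit(n, "registry_uninstall", "low", "CurrentVersion\\Uninstall"))
    return hits


if __name__ == "__main__":
    for hit in match_iocs(SAMPLE_LOGS):
        print(f"line {hit.line_no}: {hit.kind} ({hit.confidence}) {hit.value}")
```

The host-only match is reported separately from the exact host:port pair because a stealer's C2 host can serve more than one port, while a shared IP can also host unrelated traffic; keeping the two apart lets the analyst tune the response per confidence level instead of treating every packet to that address as confirmed beaconing.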