General
-
Target
061b62919f46f8d9f02140e626ee3fb1.exe
-
Size
91KB
-
Sample
221129-qz8r5sea26
-
MD5
061b62919f46f8d9f02140e626ee3fb1
-
SHA1
28a0c078050717bec6582a3c386be837f8dc90e0
-
SHA256
3113aa7edb0e3f006ce555d414ac8aec3f1e291805d1eb7b2103e5c5f92d8328
-
SHA512
10872453f2eb71798320841528023f6f18b67dd25d40bf7572f1e8026dbb819595eb6f37047e70c8ff85f4e5d336572ec10c7d2228120a1587efad12b3a22f2f
-
SSDEEP
1536:C7FxGTEo7qcZL2LQEU4WcILxdtylKdNHtO8LnbrUMKGMc/A/IzKVqk/6xI/obwZz:Ix1EqcZL2MEU4WcILg8LbZnMc/QIzKV9
Behavioral task
behavioral1
Sample
061b62919f46f8d9f02140e626ee3fb1.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
061b62919f46f8d9f02140e626ee3fb1.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
redline
5121940512_99
soccerschoolio.xyz:3306
soccerschoolio.xyz:28786
-
auth_value
b2bd789e382f723abb14d658fc457e8f
Targets
-
-
Target
061b62919f46f8d9f02140e626ee3fb1.exe
-
Size
91KB
-
MD5
061b62919f46f8d9f02140e626ee3fb1
-
SHA1
28a0c078050717bec6582a3c386be837f8dc90e0
-
SHA256
3113aa7edb0e3f006ce555d414ac8aec3f1e291805d1eb7b2103e5c5f92d8328
-
SHA512
10872453f2eb71798320841528023f6f18b67dd25d40bf7572f1e8026dbb819595eb6f37047e70c8ff85f4e5d336572ec10c7d2228120a1587efad12b3a22f2f
-
SSDEEP
1536:C7FxGTEo7qcZL2LQEU4WcILxdtylKdNHtO8LnbrUMKGMc/A/IzKVqk/6xI/obwZz:Ix1EqcZL2MEU4WcILg8LbZnMc/QIzKV9
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-