General
-
Target
67c012b488efc9ddabcebdd24d109c969238202c8ee01f1c764df64288156205
-
Size
1005KB
-
Sample
221206-rgft3seb53
-
MD5
ab221db70c7461930b9abfc6c752e865
-
SHA1
f6457c26e2a5956289a6658386c66b5c925ee8aa
-
SHA256
67c012b488efc9ddabcebdd24d109c969238202c8ee01f1c764df64288156205
-
SHA512
a65c528efc43fe667c56f008c403f576fa97be16816fca07fdbedf6b685d2e3bfb028246b6ea89347088fc9bea4e53bacbba8962f3752791a6bfc1e2c477590c
-
SSDEEP
24576:NJz9y27XPHbEr8adMzdVHObQQ0+xvtV4bv87+ydvpLSrXpyHgIrNL:jz1XPHYZIVHpKvge+sp+DpfIrNL
Static task
static1
Behavioral task
behavioral1
Sample
67c012b488efc9ddabcebdd24d109c969238202c8ee01f1c764df64288156205.exe
Resource
win10-20220812-en
Malware Config
Extracted
redline
5021090125_99
hubabuba.top:3306
hubabuba.top:28786
-
auth_value
124fbdd4f7a9837a9ba741ad3085858d
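The extracted config above gives three things a responder can act on immediately: the file hashes (to confirm a suspect binary is this sample), the two C2 endpoints, and the botnet/auth identifiers (to cluster other samples of the same campaign). The script below is an added example, not part of the sandbox report: it parses the config block exactly as printed above, verifies a file's hashes against the report, and matches Sysmon-style network events against the C2 list. The event records and the file bytes it hashes are constructed for the demonstration. One caveat it encodes: 3306 is the default MySQL port, so a port-only rule would flag every legitimate database client; the matcher requires the hostname to match and only uses the port to grade the hit.

```python
import hashlib
import re

# Config block copied from the report above (family, botnet id, C2 list, auth_value).
CONFIG_TEXT = """redline
5021090125_99
hubabuba.top:3306
hubabuba.top:28786
-
auth_value
124fbdd4f7a9837a9ba741ad3085858d
"""

# File hashes copied from the report above.
REPORT_HASHES = {
    "md5": "ab221db70c7461930b9abfc6c752e865",
    "sha1": "f6457c26e2a5956289a6658386c66b5c925ee8aa",
    "sha256": "67c012b488efc9ddabcebdd24d109c969238202c8ee01f1c764df64288156205",
}

HOST_PORT = re.compile(r"^([A-Za-z0-9.-]+):(\d{1,5})$")


def parse_redline_config(text):
    """Turn the 'Extracted' block into a dict: family, botnet_id, c2 list, auth_value."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip() and ln.strip() != "-"]
    cfg = {"family": lines[0], "botnet_id": lines[1], "c2": [], "auth_value": None}
    i = 2
    while i < len(lines):
        m = HOST_PORT.match(lines[i])
        if m:
            cfg["c2"].append((m.group(1).lower(), int(m.group(2))))
        elif lines[i] == "auth_value" and i + 1 < len(lines):
            cfg["auth_value"] = lines[i + 1]
            i += 1
        i += 1
    return cfg


def hash_bytes(data):
    """MD5/SHA1/SHA256 of a byte string, keyed the same way as the report."""
    return {name: getattr(hashlib, name)(data).hexdigest() for name in ("md5", "sha1", "sha256")}


def matches_report(data, expected=REPORT_HASHES):
    """True only if every hash agrees; one mismatch means a different file."""
    return hash_bytes(data) == expected


def find_c2_events(events, cfg):
    """Return (index, grade) for events whose destination host is a configured C2.

    Events are dicts with Sysmon Event ID 3 field names. Grade is 'host+port' when the
    port also matches the config, else 'host'. Port alone is never enough: 3306 is MySQL.
    """
    c2_hosts = {h for h, _ in cfg["c2"]}
    c2_pairs = set(cfg["c2"])
    hits = []
    for idx, ev in enumerate(events):
        host = (ev.get("DestinationHostname") or "").lower().rstrip(".")
        port = int(ev.get("DestinationPort") or 0)
        if host in c2_hosts:
            hits.append((idx, "host+port" if (host, port) in c2_pairs else "host"))
    return hits


# Constructed events for the demonstration; not taken from the sandbox run.
SAMPLE_EVENTS = [
    {"Image": "C:\\Program Files\\MySQL\\bin\\mysql.exe",
     "DestinationHostname": "db.corp.example", "DestinationPort": "3306"},
    {"Image": "C:\\Users\\u\\AppData\\Local\\Temp\\invoice.exe",
     "DestinationHostname": "hubabuba.top", "DestinationPort": "3306"},
    {"Image": "C:\\Users\\u\\AppData\\Local\\Temp\\setup.exe",
     "DestinationHostname": "HUBABUBA.TOP.", "DestinationPort": "28786"},
    {"Image": "C:\\Windows\\System32\\svchost.exe",
     "DestinationHostname": "update.example", "DestinationPort": "443"},
]

if __name__ == "__main__":
    cfg = parse_redline_config(CONFIG_TEXT)
    print("C2:", cfg["c2"], "botnet:", cfg["botnet_id"])
    for idx, grade in find_c2_events(SAMPLE_EVENTS, cfg):
        print(f"event {idx}: {SAMPLE_EVENTS[idx]['Image']} -> {grade}")
    # With the real sample on disk: matches_report(open(path, "rb").read())
```

Only events 1 and 2 are reported; the MySQL client on 3306 is left alone because its destination is not a configured host. The hostname comparison is case-insensitive and strips a trailing dot so that fully-qualified log forms still match.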
Targets
-
Target
67c012b488efc9ddabcebdd24d109c969238202c8ee01f1c764df64288156205
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Enumerates the Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node and HKCU counterparts) to list the software installed on the system.
-