General
- Target: statement120522.pdf.exe
- Size: 619KB
- Sample: 221206-st63gaac88
- MD5: 11d2c0b16b431e1ae75aec93cf6a7037
- SHA1: 36a4f32cc3f9721d5df7feeee046d7737e109a40
- SHA256: 73d5eca1312813e6791661c78d6325ab1a6f7e5ddab4913f4fa84c66ddc55545
- SHA512: 49dbb0962889e78f7153e06e1c9862fa77fabcd404935f2e54b655f6ee093ef6c873e4bf4232e5e8e380c21dc19786ab70e3e7887af616808de7dfb1ce1f32f4
- SSDEEP: 12288:fxyJK8QMVu+qN8XpdrXRDdjc0r1VgWsUQCuKb9rDUAyzy:fQA/aub0jBr1VgJxsBk
Static task: static1
Behavioral task: behavioral1
- Sample: statement120522.pdf.exe
- Resource: win7-20220812-en
Malware Config
- Extracted: redline
- @aliteeeeeee
- tininshassama.xyz:81
- auth_value: 792f7ad03138f97063e5911353ef42d9
Targets
- Target: statement120522.pdf.exe
- Size: 619KB
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.