General
-
Target
file.exe
-
Size
333KB
-
Sample
221217-abf48aag5x
-
MD5
18740a009680fe38a1a107fbfcd098af
-
SHA1
7636ef7fc4b6940ef7dbbc90c23189e44db006d7
-
SHA256
cacdb531596551ebf69091410b07d2de2b2b5852e2bcfd3fcaf042d0ecee0278
-
SHA512
a41478765b6cbbb6d1c17fb40c8e2cd9f17371a881ca37c3200e8bb74d03ad6079fc9a699f4d776459dd9e43e66a6cc5b4f8e0a331e2bbc38b9206c5b44bb0d1
-
SSDEEP
6144:oeLOf3eqHbBJudVxZbTSEOoVPubHEigzLVL5H40M2b:oeqvx7SbnDVWoP/
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220812-en
Malware Config
Extracted
redline
@2023@
193.106.191.138:32796
-
auth_value
ca057e5baadfd0774a34a6a949cd5e69
Targets
-
-
Target
file.exe
-
Size
333KB
-
MD5
18740a009680fe38a1a107fbfcd098af
-
SHA1
7636ef7fc4b6940ef7dbbc90c23189e44db006d7
-
SHA256
cacdb531596551ebf69091410b07d2de2b2b5852e2bcfd3fcaf042d0ecee0278
-
SHA512
a41478765b6cbbb6d1c17fb40c8e2cd9f17371a881ca37c3200e8bb74d03ad6079fc9a699f4d776459dd9e43e66a6cc5b4f8e0a331e2bbc38b9206c5b44bb0d1
-
SSDEEP
6144:oeLOf3eqHbBJudVxZbTSEOoVPubHEigzLVL5H40M2b:oeqvx7SbnDVWoP/
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-