General
Target: 15010f98bf5f1f0aca65d94949f717c8fcfebcb3c446b05bd97887e1e82f06d5
Size: 415KB
Sample: 230103-2hb8dsdb47
MD5: 950700c5b017e7e6deb211c4e43f45e3
SHA1: 184bae763620fcb8a4b0416ef3cc4854a2c91aee
SHA256: 15010f98bf5f1f0aca65d94949f717c8fcfebcb3c446b05bd97887e1e82f06d5
SHA512: 4e8242b113a8183626e441b1af526f6c6466aa2bbb25e02f6d642a8609a33e4d1daaa4bc6fac5b52986c2eef79a6da3097c56eaa618eb4d656dfe1bb1d8d430d
SSDEEP: 12288:XO21eqIQMQ4VMm7R3nkVzbO8yaQDMAygVr:X57IrQ4VMm7R3ahQDM3a

Static task: static1

Malware Config
Extracted: redline
sport
31.41.244.98:4063
auth_value: 82cce55eeb56b322651e98032c09d225
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.