General
Target: d8a2bf3176942bd8f6915c7fe2ee489f81b4fbfee2b41e32af675e63600d3897
Size: 419KB
Sample: 230103-vqd9dsfd2x
MD5: e4ac7cfad83d7d0a7ce1ff6fc8faac5c
SHA1: 76b07744f5100a886ad3d4180c91ad3aa97688bd
SHA256: d8a2bf3176942bd8f6915c7fe2ee489f81b4fbfee2b41e32af675e63600d3897
SHA512: 90955f96ba1f75c84dadbc39941e49c8ae10c43fb7019a4062c1fb491d17b0776deb39b8f690d53ffe0f6a8e252240ddb763f384a829ca8e180663baf6646fd5
SSDEEP: 6144:buL2F1LnZ0XERC7MCYOxarHgr6Kjrc88NyCuqXD3cAyjEvJEMrb:a01TGyC7LYOoAbj8NyCNDMAyoh
Static task: static1
Malware Config
Extracted
Family: redline
Botnet: sport
C2: 31.41.244.98:4063
auth_value: 82cce55eeb56b322651e98032c09d225
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.