General
Target: 957cc969c8429d739d277b0205a7eda4236da449c6bde944f60aac88b7bc9cc9
Size: 426KB
Sample: 230119-ekdgxabf3x
MD5: 48262a59ebbc4692c7740c28a4e474fb
SHA1: 1c77f5b522099936d9711bf23c86558c4b101b92
SHA256: 957cc969c8429d739d277b0205a7eda4236da449c6bde944f60aac88b7bc9cc9
SHA512: 1f629c886005e94463051c70c27cfee4d14ea65a040a0589b884df0d9d6c3e44ed72beba7ac59dbfb3b257764ab19b43eb8f9c875ec7aa9050d9a95431aca406
SSDEEP: 6144:oaLffttXwfSE780Fjfp7iunsR5WgJ5OPZElnyHSHY:oarfbho80FjfVC5WgJ5OkTH
Static task: static1
Behavioral task: behavioral1
Sample: 957cc969c8429d739d277b0205a7eda4236da449c6bde944f60aac88b7bc9cc9.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 957cc969c8429d739d277b0205a7eda4236da449c6bde944f60aac88b7bc9cc9.exe
Resource: win10-20220812-en
Malware Config
Extracted: redline
SlovarikTest2
82.115.223.9:15486
auth_value: 74f576286d26c99e51edf3860e562ae6
Targets
Target: 957cc969c8429d739d277b0205a7eda4236da449c6bde944f60aac88b7bc9cc9
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.