General
- Target: a22db738089d89c6e10e18cc5fad86773398f83feee928c4a45b0deb3c30a6a8
- Size: 358KB
- Sample: 230321-fb9dnagg78
- MD5: 9528532a56a5b30a49484cab6ffbc05a
- SHA1: 2b3e241cdb4b9f3acd60e4eecc3e224671f18c34
- SHA256: a22db738089d89c6e10e18cc5fad86773398f83feee928c4a45b0deb3c30a6a8
- SHA512: d90e2b86f2ae246a1590ab11ebf7795e14cf53b24b2895a27017ca6dee8ed8283e87cb6ebfe26c58d7ed22b7822b0d8eaccd733b72b24e1f33e67e00f4714d1a
- SSDEEP: 6144:nBqQLNqOZeW1/dOKdi+qcBBVb1Cw5w7PF3Z+TZWPVG:nBqQUOZeq/FScLN1lUtp
Static task: static1
Malware Config (Extracted)
- Family: redline
- Botnet: dozk
- C2: 91.215.85.15:25916
- auth_value: 9f1dc4ff242fb8b53742acae0ef96143
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.