General
Target: 3260affcb849e3902ea881f0bc5da2382827b1990a84fd1d547e582a538c0b20
Size: 358KB
Sample: 230321-lcvvjshe55
MD5: bc164dec0e7fda664a2c5e230da56f81
SHA1: 37e7427b0c6aaccfa0009dd3de1029a5bcc70313
SHA256: 3260affcb849e3902ea881f0bc5da2382827b1990a84fd1d547e582a538c0b20
SHA512: ad55198783409685420fd187c86da14eb0dadb690fee62417da322bb26059307b2e28ca0411b2185f03b6c291a693dbc60c6d26ed98033dafb15e63580ee97c3
SSDEEP: 6144:yBqQLNqOZeW1/5d/MVzkbvJtaraXboxuiZJzVysXnWPb8nF:yBqQUOZeq/5m9kbvXyIoQgz32O
Static task: static1
Malware Config
Extracted
Family: redline
Botnet: dozk
C2: 91.215.85.15:25916
Attributes
auth_value: 9f1dc4ff242fb8b53742acae0ef96143
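As an added worked example (not part of the sandbox report and not Triage's or RedLine's own code), the script below turns the extracted config above into something an analyst can actually deploy: it parses the key/value block, validates the C2 and auth_value, emits a Suricata rule for outbound connections to 91.215.85.15:25916, and runs a matcher over a few connection-log lines. The log lines and their six-field layout (timestamp, src, sport, dst, dport, proto) are constructed for the demo, and the rule's sid 1000001 is an arbitrary local-rules value.

```python
"""Build network detections from a RedLine config extracted by a sandbox.

Added example: the config text is copied from the report above; the
connection-log lines are constructed and the sid is arbitrary.
"""
import ipaddress
import re

# Config block exactly as extracted in the report (family, botnet id, C2, auth_value)
EXTRACTED_CONFIG = """\
Family: redline
Botnet: dozk
C2: 91.215.85.15:25916
auth_value: 9f1dc4ff242fb8b53742acae0ef96143
"""

# Constructed connection-log lines (format assumed for the demo):
# ts src sport dst dport proto
SAMPLE_LOG = [
    "2023-03-21T13:05:01Z 10.0.0.21 49712 91.215.85.15 25916 tcp",
    "2023-03-21T13:05:04Z 10.0.0.21 49713 142.250.74.14 443 tcp",
    "2023-03-21T13:06:10Z 10.0.0.37 51020 91.215.85.15 443 tcp",
    "2023-03-21T13:07:00Z 10.0.0.42 50111 91.215.85.15 25916 tcp",
]


def parse_config(text):
    """Parse 'key: value' lines into a dict and validate the C2 and auth_value."""
    cfg = {}
    for line in text.splitlines():
        key, _, value = line.partition(":")
        if key.strip():
            cfg[key.strip().lower()] = value.strip()
    host, _, port = cfg["c2"].rpartition(":")
    ipaddress.ip_address(host)  # raises ValueError if the host is not an IP literal
    port = int(port)
    if not 0 < port < 65536:
        raise ValueError("C2 port out of range: %d" % port)
    # RedLine's auth_value is a 32-hex-char token; reject anything else
    if not re.fullmatch(r"[0-9a-f]{32}", cfg.get("auth_value", "")):
        raise ValueError("auth_value is not 32 lowercase hex characters")
    cfg["c2_host"], cfg["c2_port"] = host, port
    return cfg


def suricata_rule(cfg, sid=1000001):
    """Return a Suricata rule alerting on outbound TCP to the extracted C2."""
    return (
        'alert tcp $HOME_NET any -> {host} {port} '
        '(msg:"{fam} stealer C2 (botnet {bot})"; flow:to_server,established; '
        'classtype:trojan-activity; sid:{sid}; rev:1;)'
    ).format(host=cfg["c2_host"], port=cfg["c2_port"],
             fam=cfg["family"], bot=cfg["botnet"], sid=sid)


def find_c2_connections(cfg, log_lines):
    """Flag flows to the C2 host: ip+port match is high confidence, ip alone is medium."""
    hits = []
    for line in log_lines:
        parts = line.split()
        if len(parts) != 6:
            continue  # malformed line, skip rather than crash on bad input
        ts, src, _sport, dst, dport, proto = parts
        if dst != cfg["c2_host"]:
            continue
        exact = proto == "tcp" and int(dport) == cfg["c2_port"]
        hits.append({"ts": ts, "src": src, "dst": dst,
                     "dport": int(dport), "level": "high" if exact else "medium"})
    return hits


if __name__ == "__main__":
    config = parse_config(EXTRACTED_CONFIG)
    print(suricata_rule(config))
    for hit in find_c2_connections(config, SAMPLE_LOG):
        print(hit)
```

The matcher deliberately keeps an IP-only hit at medium confidence: RedLine operators rotate ports on the same host more often than they rotate hosts, so a connection to 91.215.85.15 on another port is still worth triaging, while the ip:port pair from the config is the high-confidence signal the Suricata rule keys on.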
Targets
Target: 3260affcb849e3902ea881f0bc5da2382827b1990a84fd1d547e582a538c0b20 (358KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
RedLine
RedLine Stealer is an information-stealing malware family written in C# (.NET), first appearing in early 2020. It harvests browser-saved credentials, cryptocurrency wallet files and system information and sends them to a command-and-control server, for this sample the extracted C2 at 91.215.85.15:25916.

RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart and the HKCU equivalent) to enumerate software on the system.