General
- Target: 0x000600000001531f-1065.dat
- Size: 175KB
- Sample: 230328-hvcj5sbc5y
- MD5: 76cf5822e76de2a149da6beab7aaf1b7
- SHA1: 91e84a3a08997a8e060f391b09b54c9abb8aa4eb
- SHA256: 0e762c804c6fcd22498e29d13524a4a6b11c135d62208dd0ab8a3cc0829894c9
- SHA512: f2384f31d40c15234a37e7dce3f9afefe95ac4a8ec13f51034ca4477e66eb1e8b2a838f0c101926e705096d57ba64dc1bffbf99274353322b48848181ed9164a
- SSDEEP: 3072:jxqZWRZaPkOQ3TjmTseesFqh+XxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuwh:1qZoTjalqh
Behavioral task: behavioral1
- Sample: 0x000600000001531f-1065.exe
- Resource: win7-20230220-en
Malware Config
Extracted
- Family: redline
- Botnet: renta
- C2: 176.113.115.145:4125
- auth_value: 359596fd5b36e9925ade4d9a1846bafb
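The extracted C2 is the indicator an analyst would hunt on first. The following is an added example (not part of this report and not the sandbox's own tooling) that takes the config values listed above, validates the C2 entry, and matches it against network events. The event records and their field names (pid, image, dst, dport) are an assumed schema, and the sample events are constructed for illustration, not telemetry from this sample's run.

```python
"""Match network events against the C2 extracted from a RedLine config.

Added example, not part of the original report. The config values are the ones
listed on the page; the event lines are constructed, not captured from the sample.
"""
import ipaddress
from typing import Dict, List

# Extracted config as listed in the report (family / botnet / C2 / auth_value).
REDLINE_CONFIG = {
    "family": "redline",
    "botnet": "renta",
    "c2": ["176.113.115.145:4125"],
    "auth_value": "359596fd5b36e9925ade4d9a1846bafb",
}


def parse_c2(entry: str) -> Dict[str, object]:
    """Split a 'host:port' C2 entry and note whether the host is a routable IP.

    RedLine configs carry IP:port pairs; a hostname is accepted too so the same
    check works for DNS-based entries. Non-global IPs (RFC 1918, loopback) are
    flagged as not routable, which usually means a test build or a decoy value.
    """
    host, sep, port = entry.rpartition(":")
    if not sep or not port.isdigit():
        raise ValueError(f"bad C2 entry: {entry!r}")
    host = host.strip("[]")  # tolerate bracketed IPv6
    try:
        ip = ipaddress.ip_address(host)
        kind, routable = "ip", ip.is_global
    except ValueError:
        kind, routable = "hostname", True  # cannot judge a name statically
    return {"host": host, "port": int(port), "kind": kind, "routable": routable}


def match_connections(events: List[Dict[str, object]],
                      config: Dict[str, object]) -> List[Dict[str, object]]:
    """Return events that talk to a configured C2.

    Exact host+port is 'high' confidence; the same host on another port is
    'medium' (operators sometimes rotate the listener port on the same server),
    so a hunt neither misses a moved listener nor over-states the match.
    """
    targets = [parse_c2(c) for c in config["c2"]]
    hits = []
    for ev in events:
        for t in targets:
            if ev["dst"] != t["host"]:
                continue
            confidence = "high" if ev["dport"] == t["port"] else "medium"
            hits.append({**ev, "c2": f"{t['host']}:{t['port']}", "confidence": confidence})
            break
    return hits


# Constructed sample events (assumed schema; not real telemetry from this sample).
SAMPLE_CONNECTIONS = [
    {"pid": 1234, "image": "0x000600000001531f-1065.exe", "dst": "176.113.115.145", "dport": 4125},
    {"pid": 1234, "image": "0x000600000001531f-1065.exe", "dst": "176.113.115.145", "dport": 80},
    {"pid": 77, "image": "svchost.exe", "dst": "13.107.4.50", "dport": 443},
]

if __name__ == "__main__":
    for hit in match_connections(SAMPLE_CONNECTIONS, REDLINE_CONFIG):
        print(hit["confidence"], hit["image"], hit["dst"], hit["dport"])
```

Run as a script it prints one high-confidence and one medium-confidence hit for the stealer process and nothing for svchost.exe; the routable check is there so a config whose C2 points at a private address is not blindly pushed into a blocklist.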
Targets
- Target: 0x000600000001531f-1065.dat
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, plus the WOW6432Node view on 64-bit Windows) to enumerate software on the system.
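Enumerating the Uninstall key is what the signature above fires on, but a single read of that key is also normal for an updater checking its own entry. The following is an added example (not from the report or the sandbox vendor) of detection logic that separates the two: it groups registry reads by process and reports only processes that touch many distinct product subkeys under either the native or the WOW6432Node Uninstall path. The event schema (pid, image, op, key) and the registry event lines are constructed for illustration, not captured from this sample.

```python
"""Flag processes that walk the Windows Uninstall registry key (software inventory).

Added example, not part of the original report. The event schema is assumed
(Sysmon/sandbox-style dicts with pid, image, op, key) and the events are constructed.
"""
import re
from collections import defaultdict
from typing import Dict, List

# Native and WOW6432Node views under HKLM, and per-user installs under HKCU.
# Captures the product subkey so distinct entries can be counted per process.
UNINSTALL_KEY_RE = re.compile(
    r"^(?:HKLM|HKEY_LOCAL_MACHINE|HKCU|HKEY_CURRENT_USER)\\SOFTWARE\\(?:WOW6432Node\\)?"
    r"Microsoft\\Windows\\CurrentVersion\\Uninstall\\(?P<entry>[^\\]+)",
    re.IGNORECASE,
)

# Reading this many distinct product entries looks like inventory, not a self-lookup.
MIN_DISTINCT_ENTRIES = 5

READ_OPS = ("RegOpenKey", "RegQueryValue", "RegEnumKey")


def find_software_enumeration(events: List[Dict[str, object]],
                              threshold: int = MIN_DISTINCT_ENTRIES) -> List[Dict[str, object]]:
    """Group Uninstall-key reads by pid and report processes at or above threshold.

    A benign updater touches one subkey (its own product); an inventory sweep such
    as the one the signature describes reads DisplayName/DisplayVersion across many.
    """
    entries_per_pid = defaultdict(set)
    image_of = {}
    for ev in events:
        if ev.get("op") not in READ_OPS:
            continue
        m = UNINSTALL_KEY_RE.match(str(ev.get("key", "")))
        if not m:
            continue
        entries_per_pid[ev["pid"]].add(m.group("entry").lower())
        image_of[ev["pid"]] = ev["image"]
    findings = [
        {"pid": pid, "image": image_of[pid], "distinct_entries": len(entries)}
        for pid, entries in entries_per_pid.items()
        if len(entries) >= threshold
    ]
    return sorted(findings, key=lambda f: f["pid"])


def _ev(pid: int, image: str, op: str, key: str) -> Dict[str, object]:
    return {"pid": pid, "image": image, "op": op, "key": key}


UNINSTALL = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
UNINSTALL32 = r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"

# Constructed sample events (assumed schema; not real telemetry from this sample).
SAMPLE_REGISTRY_EVENTS = (
    # Stealer process reading DisplayName from several products in both views.
    [_ev(4120, "0x000600000001531f-1065.exe", "RegQueryValue",
         f"{UNINSTALL}\\{{{i:08x}-0000-0000-0000-000000000000}}\\DisplayName") for i in range(4)]
    + [_ev(4120, "0x000600000001531f-1065.exe", "RegQueryValue",
           f"{UNINSTALL32}\\App{i}\\DisplayName") for i in range(3)]
    # Benign updater checking only its own entry.
    + [_ev(880, "updater.exe", "RegQueryValue", f"{UNINSTALL}\\SomeVendorApp\\DisplayVersion")]
    # Unrelated registry traffic.
    + [_ev(600, "explorer.exe", "RegOpenKey", r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run")]
)

if __name__ == "__main__":
    for f in find_software_enumeration(SAMPLE_REGISTRY_EVENTS):
        print(f"pid {f['pid']} ({f['image']}) read {f['distinct_entries']} Uninstall entries")
```

The threshold is the tuning knob: inventory tools and the Programs and Features control panel legitimately exceed it, so in production the image name would be checked against an allowlist of known inventory agents before alerting.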