General
-
Target
82b32f464096b34f47374b935f88264215cedff3ca4207cc4aacf9b7fb6469f3.zip
-
Size
51KB
-
Sample
230329-tvaw4aha45
-
MD5
51ff0ad321cfc99051c6a1634cf05aec
-
SHA1
391714ac71823b079ba059a3701cc62bb1584be2
-
SHA256
c6dac98178570146efc904fc4d6bcc5df17709171499498dbcfd055ae7e97c69
-
SHA512
ecef77bf1854eaad7ed605431716ef52da2af0ca58c9cb9466b84493b336ab55de288f6e33b11f8863129eb6dbf4fe60c4c283c23932c43496c9babb708202f2
-
SSDEEP
1536:SByuzr/ZantEidwbWUxqB7bBtidOVEO5eZsTugrEr:ST8tEidvtBUsic4CPrEr
Behavioral task
behavioral1
Sample
82b32f464096b34f47374b935f88264215cedff3ca4207cc4aacf9b7fb6469f3.exe
Resource
win7-20230220-en
Malware Config
Extracted
redline
muse
176.113.115.145:4125
-
auth_value
b91988a63a24940038d9262827a5320c
Targets
-
-
Target
82b32f464096b34f47374b935f88264215cedff3ca4207cc4aacf9b7fb6469f3
-
Size
175KB
-
MD5
cdb6a810f86662ee419547e61083cf0b
-
SHA1
cbde6fabd9659881263fb6286ca4a9c76dd66e5d
-
SHA256
82b32f464096b34f47374b935f88264215cedff3ca4207cc4aacf9b7fb6469f3
-
SHA512
86ba160971569d459df6df6007c4f5ef344976b55aeefb043deda091c6f9651f8f15a2f09bed63a4e804836da55dc1807c2d4557d3617c20d9990e5e650d0cbd
-
SSDEEP
3072:VxqZWn7aNQYF8ZueD59IhmHxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuw+caq:fqZuZZIh
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-