General
-
Target
file.exe
-
Size
377KB
-
Sample
230721-bnyepscb4v
-
MD5
194b5af5af1762c56f13e498f6ec0c08
-
SHA1
2311e863b332baa8315f1136c7278e53d9d23a24
-
SHA256
da29c485d19eaa1e567d555db19a7bb5a5e74df17be79f7817a42c0cca1566ff
-
SHA512
2d6c6ade13691709c220a180a649b5c482c0d1ad0c1e1cddd602b86f076f67885c106a800739ff6d042047428843def16b24fd8128fb7034214ecf2ac8669ce2
-
SSDEEP
6144:94+fLLVO2u74i02kobdRwj9h73JkFJi80XXS+9TelF:CuHVO21ieoXwjHOgtXiLlF
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20230712-en
Malware Config
Extracted
redline
@Germany
194.26.135.162:2920
-
auth_value
9d15d78194367a949e54a07d6ce02c62
Targets
-
-
Target
file.exe
-
Size
377KB
-
MD5
194b5af5af1762c56f13e498f6ec0c08
-
SHA1
2311e863b332baa8315f1136c7278e53d9d23a24
-
SHA256
da29c485d19eaa1e567d555db19a7bb5a5e74df17be79f7817a42c0cca1566ff
-
SHA512
2d6c6ade13691709c220a180a649b5c482c0d1ad0c1e1cddd602b86f076f67885c106a800739ff6d042047428843def16b24fd8128fb7034214ecf2ac8669ce2
-
SSDEEP
6144:94+fLLVO2u74i02kobdRwj9h73JkFJi80XXS+9TelF:CuHVO21ieoXwjHOgtXiLlF
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-