General
-
Target
cc2d5267451649cf29cb43fd510aed0aa922d7b830dc5f0aebf99d802b82a768
-
Size
266KB
-
Sample
230726-v5damsfa96
-
MD5
c12a95f5d3c8599437f62b8addef7df7
-
SHA1
21000cb31ee2561e04bb09f644882c54a38a9f58
-
SHA256
5532f5542427f30c1577a183290d5cb4ef2303ee50055507fa1a5ee8371c065e
-
SHA512
d2cbdd9b5275fd349a8a6e0b524952054df2399188985cd2f134089a550f414e98e43d40336ac3fb3ec1ef1803a5db57c0e78509dfc0d727c8e9b80fa281660e
-
SSDEEP
6144:nwdT/rQCAjCzNW1X8jJ5g9lwqNK3bf2oGHsiiuHip6jGxu690:nSTi1sfUdKTVGHFi790
Static task
static1
Behavioral task
behavioral1
Sample
cc2d5267451649cf29cb43fd510aed0aa922d7b830dc5f0aebf99d802b82a768.exe
Resource
win7-20230712-en
Malware Config
Extracted
Family
redline
Botnet
@Germany
C2
194.26.135.162:2920
-
auth_value
9d15d78194367a949e54a07d6ce02c62
Targets
-
Target
cc2d5267451649cf29cb43fd510aed0aa922d7b830dc5f0aebf99d802b82a768
-
Size
442KB
-
MD5
e18dd35afa779d523030d1a38ce6862b
-
SHA1
7ec4cbb5c3534cb3423fc6248dcabcb6a0e70e97
-
SHA256
cc2d5267451649cf29cb43fd510aed0aa922d7b830dc5f0aebf99d802b82a768
-
SHA512
eb1ddabe4448ada8e207224d8d1c2d46af531cd1d348dd2fecd66b57360c40b730116202de4d490a02afcf4ff2ca94c32fe3fa3e2edcad772c2edc2786a7a246
-
SSDEEP
6144:yJUHLGkhjCzNWlX8jJ5+9lwqNK3Ff2oGhsiiuHiI2jv+HT:8UHKQlsfudKxVGhFi5jmz
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
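As an added example (not part of this sandbox report, and not code from the RedLine sample), the indicators above turned into a small offline matcher: the file hashes of both samples, the extracted C2 host:port, and the Uninstall registry subtree the "Checks installed software" signature refers to. The network and registry log line formats, the pids, the `threshold` heuristic and the sample log lines are all constructed for illustration and do not correspond to any particular product's event format.

```python
"""IOC matcher built from the indicators in the report above.

Added example, not part of the sandbox report or the malware itself.
Log formats and sample lines below are constructed for illustration.
"""
from __future__ import annotations

import hashlib
import re

# Indicators copied from the report.
FILE_HASHES = {
    "md5": {"c12a95f5d3c8599437f62b8addef7df7",
            "e18dd35afa779d523030d1a38ce6862b"},
    "sha1": {"21000cb31ee2561e04bb09f644882c54a38a9f58",
             "7ec4cbb5c3534cb3423fc6248dcabcb6a0e70e97"},
    "sha256": {"5532f5542427f30c1577a183290d5cb4ef2303ee50055507fa1a5ee8371c065e",
               "cc2d5267451649cf29cb43fd510aed0aa922d7b830dc5f0aebf99d802b82a768"},
}
C2 = "194.26.135.162:2920"
BOTNET = "@Germany"
AUTH_VALUE = "9d15d78194367a949e54a07d6ce02c62"

# Registry subtree enumerated by the "Checks installed software" behaviour.
UNINSTALL_KEY = r"\Microsoft\Windows\CurrentVersion\Uninstall"


def parse_c2(c2: str) -> tuple[str, int]:
    """Split the extracted 'host:port' C2 string into (host, port)."""
    host, _, port = c2.rpartition(":")
    return host, int(port)


def hash_file_bytes(data: bytes) -> dict[str, str]:
    """Hex digests in the same three algorithms the report lists."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def match_hashes(digests: dict[str, str]) -> set[str]:
    """Return the algorithms whose digest equals a report indicator."""
    return {algo for algo, value in digests.items()
            if value.lower() in FILE_HASHES.get(algo, set())}


# Constructed (hypothetical) log line formats:
#   net: "<ts> proto=tcp src=<ip>:<port> dst=<ip>:<port>"
#   reg: "<ts> pid=<n> op=<op> key=<path>"
NET_RE = re.compile(r"dst=(?P<ip>[\d.]+):(?P<port>\d+)")
REG_RE = re.compile(r"pid=(?P<pid>\d+)\s+op=(?P<op>\w+)\s+key=(?P<key>\S+)")


def match_connections(lines: list[str]) -> list[str]:
    """Lines whose destination is exactly the extracted C2 host and port."""
    host, port = parse_c2(C2)
    hits = []
    for line in lines:
        m = NET_RE.search(line)
        if m and m.group("ip") == host and int(m.group("port")) == port:
            hits.append(line)
    return hits


def uninstall_enumeration_pids(lines: list[str], threshold: int = 3) -> set[int]:
    """Pids that touched the Uninstall subtree at least `threshold` times.

    One lookup is normal (installers, updaters); a sweep over many subkeys
    is the enumeration the signature describes. The threshold is a
    constructed heuristic, not something the report states.
    """
    counts: dict[int, int] = {}
    for line in lines:
        m = REG_RE.search(line)
        if m and UNINSTALL_KEY.lower() in m.group("key").lower():
            pid = int(m.group("pid"))
            counts[pid] = counts.get(pid, 0) + 1
    return {pid for pid, n in counts.items() if n >= threshold}


# Constructed sample input (hypothetical pids, timestamps and hosts).
SAMPLE_NET_LOG = [
    "2023-07-26T10:00:01 proto=tcp src=10.0.0.5:49152 dst=93.184.216.34:443",
    "2023-07-26T10:00:02 proto=tcp src=10.0.0.5:49153 dst=194.26.135.162:2920",
    "2023-07-26T10:00:03 proto=tcp src=10.0.0.5:49154 dst=194.26.135.162:443",
]
SAMPLE_REG_LOG = [
    r"2023-07-26T10:00:02 pid=4120 op=open key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"2023-07-26T10:00:02 pid=4120 op=query key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AAAA}",
    r"2023-07-26T10:00:02 pid=4120 op=query key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BBBB}",
    r"2023-07-26T10:00:05 pid=900 op=query key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CCCC}",
    r"2023-07-26T10:00:06 pid=900 op=query key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
]

if __name__ == "__main__":
    print("C2 hits:", match_connections(SAMPLE_NET_LOG))
    print("Uninstall sweep pids:", uninstall_enumeration_pids(SAMPLE_REG_LOG))
```

Matching on the exact host and port keeps a connection to 194.26.135.162 on another port out of the C2 hit list, which is deliberate: the report only supports the ip:port pair as an indicator, so a broader host-only match is a separate, lower-confidence rule. Registry reads are only visible if the endpoint actually audits them; whether a given sensor records key opens and queries (rather than just writes) is something to confirm before relying on the enumeration check.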