General
-
Target
183634c0e9b4ab445c97ba220d616ceab2e4247b24d33e8ccf7cc649dc70d77c
-
Size
406KB
-
Sample
230728-dn241aba63
-
MD5
d0f02ba1aa74515490fb31c14b9c71b2
-
SHA1
4ee7fa905e22a50977bd11c050aba4fa528543c0
-
SHA256
183634c0e9b4ab445c97ba220d616ceab2e4247b24d33e8ccf7cc649dc70d77c
-
SHA512
92da70984646fa65333434901b0435d4dab8404e9df39a31886658792b290448d70e6e8d60534994d70dd4dba29470cc6f94d0cf82abed7d8451720fb46aaaf8
-
SSDEEP
6144:AgB2EFo3wG3ssL9k9oIt8A7waoE3bYLTo1QNKK8cs4mwdt:eWo3wyssJ6ooP3RrHGJ0s
Static task
static1
Malware Config
Extracted
redline
@Germany
194.26.135.162:2920
-
auth_value
9d15d78194367a949e54a07d6ce02c62
Targets
-
-
Target
183634c0e9b4ab445c97ba220d616ceab2e4247b24d33e8ccf7cc649dc70d77c
-
Size
406KB
-
MD5
d0f02ba1aa74515490fb31c14b9c71b2
-
SHA1
4ee7fa905e22a50977bd11c050aba4fa528543c0
-
SHA256
183634c0e9b4ab445c97ba220d616ceab2e4247b24d33e8ccf7cc649dc70d77c
-
SHA512
92da70984646fa65333434901b0435d4dab8404e9df39a31886658792b290448d70e6e8d60534994d70dd4dba29470cc6f94d0cf82abed7d8451720fb46aaaf8
-
SSDEEP
6144:AgB2EFo3wG3ssL9k9oIt8A7waoE3bYLTo1QNKK8cs4mwdt:eWo3wyssJ6ooP3RrHGJ0s
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-