General
Target: 7e791b57c8ef2debc9a4f93ae5b1011557d21490680f0668f11ae7a261c15a64
Size: 427KB
Sample: 230728-wqz2jage7z
MD5: f4c7cdfb76c0bc0efe5a171c1fec6be8
SHA1: 4468e4a9a0a60093210675cac7eeee26fa7c36e4
SHA256: 7e791b57c8ef2debc9a4f93ae5b1011557d21490680f0668f11ae7a261c15a64
SHA512: cd03e2a187405c2d4a0081dc4bf58573a7a991cd1a55f38ceba200c30dba098c04d121756fc32d0ff8611f525446edabe5ed5ed08f7c39497c280e99b9975a7b
SSDEEP: 6144:Ud1pL4uYd2lYRrCp86NwnEdHXUNoRN79Oh:G1pEuYBrhSwnEC/h
Static task: static1

Malware Config
Extracted family: redline
Botnet: @Germany
C2: 194.26.135.162:2920
auth_value: 9d15d78194367a949e54a07d6ce02c62
Targets
Target: 7e791b57c8ef2debc9a4f93ae5b1011557d21490680f0668f11ae7a261c15a64
Signatures
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.