General

Target: 3bc890f71f8f342334883ff199b8f9b56245b3e02b9a557a0b4f397d5e239fc4
Size: 427KB
Sample: 230728-yn9t3ahc59
MD5: 379001bc7be2d352cdb174b164a73f4b
SHA1: 7db91649f7f83c98a4d180270b0ab8083f1ed935
SHA256: 3bc890f71f8f342334883ff199b8f9b56245b3e02b9a557a0b4f397d5e239fc4
SHA512: 03c8f55af96e82d629d9eab15d7b249fa3d988569768ce5d573f8e9770bffb2578244b18d13c480ace332164ea03b979e539d385eb2979b2edc4be2dfffa39cb
SSDEEP: 6144:M9F9LgmlxNkLgiA8R22/GkD9QMKgDwZbafh:eF9cwTofAkhNpQMKXyh

Static task: static1

Malware Config

Extracted: redline
Botnet: @Germany
C2: 194.26.135.162:2920
auth_value: 9d15d78194367a949e54a07d6ce02c62

Targets

Target: 3bc890f71f8f342334883ff199b8f9b56245b3e02b9a557a0b4f397d5e239fc4
Size: 427KB
MD5: 379001bc7be2d352cdb174b164a73f4b
SHA1: 7db91649f7f83c98a4d180270b0ab8083f1ed935
SHA256: 3bc890f71f8f342334883ff199b8f9b56245b3e02b9a557a0b4f397d5e239fc4
SHA512: 03c8f55af96e82d629d9eab15d7b249fa3d988569768ce5d573f8e9770bffb2578244b18d13c480ace332164ea03b979e539d385eb2979b2edc4be2dfffa39cb
SSDEEP: 6144:M9F9LgmlxNkLgiA8R22/GkD9QMKgDwZbafh:eF9cwTofAkhNpQMKXyh

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.