General
-
Target
e1eaf3f3cbb4eaf1616f6abdecf5548f7453cbd472bec9d507f6bdf7410f0efa
-
Size
314KB
-
Sample
230729-z6jk9sfb37
-
MD5
e63f71087448e0c743f1f90544f43c41
-
SHA1
e936db940f33d7bf7c37ec7e417787dca285da0b
-
SHA256
e1eaf3f3cbb4eaf1616f6abdecf5548f7453cbd472bec9d507f6bdf7410f0efa
-
SHA512
230f726e231b7a905c09ed87fb2683e2214ce2b566f09b51c7e8a12b43d1f337fa0733c8f82f29e2b68f797b0eef3af170f7fe700933849761362cfad6806fa5
-
SSDEEP
6144:5L/CdqhbmTpa89w6ft5XW0ylWoApk39gxIDGvMpI:5LCYhbm15tZWDlk+NgODGUpI
Static task
static1
Malware Config
Extracted
Family
redline
-
Botnet
@Germany
-
C2
194.26.135.162:2920
-
auth_value
9d15d78194367a949e54a07d6ce02c62
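The extracted configuration above gives the two indicators that matter for a hunt: the file hashes and the hard-coded C2 socket. The following Python is an added example (not part of this report or of any sandbox tooling) that turns them into a lookup over firewall log lines and a hash check. The log lines and their field layout (src=, dst=, dport=) are constructed for the example; adapt the regex to your own log format.

```python
# Added example: pivot on the indicators extracted in the report above.
import re

# Indicators copied from the report.
IOC = {
    "sha256": "e1eaf3f3cbb4eaf1616f6abdecf5548f7453cbd472bec9d507f6bdf7410f0efa",
    "sha1": "e936db940f33d7bf7c37ec7e417787dca285da0b",
    "md5": "e63f71087448e0c743f1f90544f43c41",
    "c2_ip": "194.26.135.162",
    "c2_port": 2920,
}

# Constructed firewall log lines (not real traffic); the field layout is an assumption.
SAMPLE_LOG = """\
2023-07-29T10:12:01Z src=10.0.5.21 dst=194.26.135.162 dport=2920 proto=tcp action=allow
2023-07-29T10:12:05Z src=10.0.5.21 dst=142.250.74.46 dport=443 proto=tcp action=allow
2023-07-29T10:13:40Z src=10.0.5.37 dst=194.26.135.162 dport=443 proto=tcp action=allow
2023-07-29T10:14:02Z src=10.0.5.44 dst=194.26.135.162 dport=2920 proto=tcp action=deny
"""

LINE_RE = re.compile(r"src=(\S+) dst=(\S+) dport=(\d+)")


def find_c2_connections(log_text, ip=IOC["c2_ip"], port=IOC["c2_port"]):
    """Return (exact, same_host): source hosts that hit the configured ip:port,
    and source hosts that reached the same IP on another port.

    RedLine talks to the fixed ip:port pair from its config, so the exact match
    is the strong signal; other ports to the same host are returned separately
    as a weaker lead. Denied connections are kept too: a blocked beacon still
    means the source host ran the sample."""
    exact, same_host = [], []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        src, dst, dport = m.group(1), m.group(2), int(m.group(3))
        if dst == ip and dport == port:
            exact.append(src)
        elif dst == ip:
            same_host.append(src)
    return exact, same_host


def hash_matches(hash_str):
    """True if hash_str equals the sample's MD5, SHA1 or SHA256 (case/whitespace-insensitive).
    The digest type is inferred from the hex length (32/40/64)."""
    h = hash_str.strip().lower()
    expected = {32: IOC["md5"], 40: IOC["sha1"], 64: IOC["sha256"]}.get(len(h))
    return expected is not None and expected == h


if __name__ == "__main__":
    exact, same_host = find_c2_connections(SAMPLE_LOG)
    print("exact C2 hits:", exact)
    print("same host, other port:", same_host)
```

Hashes only catch this exact build; the C2 socket and the auth_value are what stay stable across repacked samples of the same campaign, so a hunt should lead with the network indicator.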
Targets
-
-
Target
e1eaf3f3cbb4eaf1616f6abdecf5548f7453cbd472bec9d507f6bdf7410f0efa
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Enumerates the subkeys of HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (and the WOW6432Node equivalent on 64-bit systems) and reads their DisplayName/DisplayVersion values to build a list of installed software, the same data Add/Remove Programs shows.
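To see what this signature corresponds to on a host, the Python below is an added example (not the sample's code and not part of this report) that performs the same enumeration. It works offline against a constructed .reg export of the Uninstall key, and on Windows it can also walk the live registry through winreg. The output format "DisplayName [DisplayVersion]" and the WOW6432Node path are assumptions about what the stealer collects, not taken from the report.

```python
# Added example: enumerate installed software the way the signature describes.
import re

# Both Uninstall hives on a 64-bit host (WOW6432Node is an assumption, not from the report).
UNINSTALL_KEYS = [
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
]

# Constructed .reg export (not from a real host).
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip]
"DisplayName"="7-Zip 22.01 (x64)"
"DisplayVersion"="22.01"
"InstallLocation"="C:\\Program Files\\7-Zip\\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180181F0}]
"DisplayName"="Java 8 Update 381"
"DisplayVersion"="8.0.3810.9"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB5029331]
"SystemComponent"=dword:00000001
"""

KEY_RE = re.compile(r"^\[(.+)\]$")
VAL_RE = re.compile(r'^"([^"]+)"="(.*)"$')


def parse_reg_export(text):
    """Return {key_path: {value_name: value}} for the REG_SZ values in a .reg export.
    Only quoted string values are kept; dword/hex values are ignored."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            current = m.group(1)
            keys[current] = {}
            continue
        m = VAL_RE.match(line)
        if m and current is not None:
            # .reg files double every backslash; undo that.
            keys[current][m.group(1)] = m.group(2).replace("\\\\", "\\")
    return keys


def installed_software(text):
    """One 'DisplayName [DisplayVersion]' entry per direct Uninstall subkey that has a
    DisplayName. Subkeys without one (update KBs, system components) are skipped,
    matching what Add/Remove Programs shows."""
    out = []
    for path, values in parse_reg_export(text).items():
        parent, _, _ = path.rpartition("\\")
        if parent not in UNINSTALL_KEYS or "DisplayName" not in values:
            continue
        out.append(f"{values['DisplayName']} [{values.get('DisplayVersion', '')}]")
    return out


def installed_software_live():
    """Same enumeration against the live registry (Windows only): open each
    Uninstall key, walk its subkeys, read DisplayName/DisplayVersion."""
    import winreg  # raises ImportError on non-Windows platforms
    out = []
    for root in UNINSTALL_KEYS:
        sub = root.split("\\", 1)[1]
        try:
            key = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, sub)
        except OSError:
            continue  # hive absent (32-bit host has no WOW6432Node)
        with key:
            i = 0
            while True:
                try:
                    name = winreg.EnumKey(key, i)
                except OSError:
                    break  # no more subkeys
                i += 1
                with winreg.OpenKey(key, name) as k:
                    try:
                        disp, _ = winreg.QueryValueEx(k, "DisplayName")
                    except OSError:
                        continue
                    try:
                        ver, _ = winreg.QueryValueEx(k, "DisplayVersion")
                    except OSError:
                        ver = ""
                    out.append(f"{disp} [{ver}]")
    return out


if __name__ == "__main__":
    for entry in installed_software(SAMPLE_REG):
        print(entry)
```

Registry reads of this kind leave no Sysmon event (only writes are logged), so this behaviour is not something to alert on by itself; its value in triage is knowing that the software inventory of an infected host should be treated as exfiltrated.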
-