General
Target: bea13101f86c932b25298a673483e0c1.exe
Size: 436KB
Sample: 231019-3hpddseb66
MD5: bea13101f86c932b25298a673483e0c1
SHA1: d6ffcf477471d99b8130d605ba01b50709d2a859
SHA256: 1982e6e56444240b43495b9e9ee128fd3ec2792b90f05729b93c42b767e595fe
SHA512: 33b5d27d04e330f9be2175dddc5bbbcd80b0e304a2784943abbc47f44ea442cfc7cfa7d4b547e0c0762f78178dfde1917a698e3cbc2076c3c02d1366a0ca3bbb
SSDEEP: 6144:0/CFPkJlMotFfIv653uj51eSN1ElLmAoH7t4GzQ2o/O0BDO4RNvCU9q:0/CFUFwSQPpGtnNvCU9q

Static task: static1
Behavioral task: behavioral1
  Sample: bea13101f86c932b25298a673483e0c1.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: bea13101f86c932b25298a673483e0c1.exe
  Resource: win10v2004-20230915-en
Malware Config
Targets
Target: bea13101f86c932b25298a673483e0c1.exe (436KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry, i.e. the per-product subkeys under HKLM and HKCU ...\Software\Microsoft\Windows\CurrentVersion\Uninstall (and the WOW6432Node view on 64-bit Windows), to enumerate the software installed on the system.
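The Uninstall-key lookup flagged by the last signature is easy to pick out of a process trace because it is a walk over many sibling subkeys rather than a single read. The following Python is an added example, not code from the sandbox report or from the sample; it runs over a constructed Process Monitor CSV export (Procmon's default column header, with made-up timestamps, PIDs, product subkeys and an explorer.exe control line), and the five-subkey threshold is an assumed tuning value.

```python
"""Flag processes that take a software inventory by walking the registry
Uninstall keys, from a Process Monitor CSV export.
Added example; not code from the sandbox report or the analysed sample."""
import csv
import io
import re
from collections import defaultdict

# Per-product subkey under any Uninstall root (HKLM, HKLM\...\WOW6432Node, HKCU).
# Group 1 is the product subkey name; deeper value paths still match here.
UNINSTALL_SUBKEY = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)", re.IGNORECASE)
# The Uninstall root itself, where a RegEnumKey means "list every product".
UNINSTALL_ROOT = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall$", re.IGNORECASE)

# Constructed Procmon-style export (not a real capture). Columns are Procmon's
# default CSV header; timestamps, PIDs and product keys are made up.
SAMPLE_CSV = """\
"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"5:14:02.0000001 PM","bea13101f86c932b25298a673483e0c1.exe","4120","RegOpenKey","HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall","SUCCESS","Desired Access: Read"
"5:14:02.0000002 PM","bea13101f86c932b25298a673483e0c1.exe","4120","RegEnumKey","HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall","SUCCESS","Index: 0, Name: 7-Zip"
"5:14:02.0000003 PM","bea13101f86c932b25298a673483e0c1.exe","4120","RegOpenKey","HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip","SUCCESS","Desired Access: Read"
"5:14:02.0000004 PM","bea13101f86c932b25298a673483e0c1.exe","4120","RegQueryValue","HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip\\DisplayName","SUCCESS","Type: REG_SZ, Length: 24, Data: 7-Zip 23.01"
"5:14:02.0000005 PM","bea13101f86c932b25298a673483e0c1.exe","4120","RegOpenKey","HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Google Chrome","SUCCESS","Desired Access: Read"
"5:14:02.0000006 PM","bea13101f86c932b25298a673483e0c1.exe","4120","RegQueryValue","HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Google Chrome\\DisplayName","SUCCESS","Type: REG_SZ, Length: 28, Data: Google Chrome"
"5:14:02.0000007 PM","bea13101f86c932b25298a673483e0c1.exe","4120","RegOpenKey","HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{00000000-1111-2222-3333-444444444444}","SUCCESS","Desired Access: Read"
"5:14:02.0000008 PM","bea13101f86c932b25298a673483e0c1.exe","4120","RegOpenKey","HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Notepad++","SUCCESS","Desired Access: Read"
"5:14:02.0000009 PM","bea13101f86c932b25298a673483e0c1.exe","4120","RegOpenKey","HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VLC media player","SUCCESS","Desired Access: Read"
"5:14:02.0000010 PM","bea13101f86c932b25298a673483e0c1.exe","4120","RegOpenKey","HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Discord","SUCCESS","Desired Access: Read"
"5:14:02.0000011 PM","bea13101f86c932b25298a673483e0c1.exe","4120","CreateFile","C:\\Users\\user\\AppData\\Local\\Temp\\log.txt","SUCCESS","Desired Access: Generic Write"
"5:14:03.0000001 PM","explorer.exe","1844","RegOpenKey","HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip","SUCCESS","Desired Access: Read"
"""


def summarize_uninstall_access(procmon_csv):
    """Per process: distinct Uninstall subkeys touched, and whether the root was enumerated."""
    per_proc = defaultdict(lambda: {"subkeys": set(), "root_enum": False})
    for row in csv.DictReader(io.StringIO(procmon_csv)):
        if not row["Operation"].startswith("Reg"):
            continue  # file, network and process events are irrelevant here
        proc, path = row["Process Name"], row["Path"]
        m = UNINSTALL_SUBKEY.search(path)
        if m:
            per_proc[proc]["subkeys"].add(m.group(1).lower())
        elif row["Operation"] == "RegEnumKey" and UNINSTALL_ROOT.search(path):
            per_proc[proc]["root_enum"] = True
    return per_proc


def flag_software_enumeration(procmon_csv, min_subkeys=5):
    """Return {process: {"distinct_subkeys": n, "root_enum": bool}} for processes
    that walk the Uninstall root or touch at least min_subkeys product entries.
    min_subkeys is an assumed tuning value, not a published threshold."""
    flagged = {}
    for proc, info in summarize_uninstall_access(procmon_csv).items():
        if info["root_enum"] or len(info["subkeys"]) >= min_subkeys:
            flagged[proc] = {"distinct_subkeys": len(info["subkeys"]),
                             "root_enum": info["root_enum"]}
    return flagged


if __name__ == "__main__":
    for proc, info in flag_software_enumeration(SAMPLE_CSV).items():
        print(f"{proc}: {info['distinct_subkeys']} product keys, "
              f"root enumerated={info['root_enum']}")
```

Two caveats when using this outside a sandbox: legitimate inventory agents, installers and msiexec walk the same key, so the hit has to be weighed with process provenance (signed? spawned from a user download?) rather than treated as a verdict on its own; and Sysmon's registry events (12/13/14) record key creation, value writes and renames, not reads, so this kind of read-side telemetry needs Procmon, an ETW registry provider or an EDR that logs registry queries.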