General
-
Target
d21abe71ba2abf923b575299dc17854f
-
Size
301KB
-
Sample
210721-jkz2v8rkcj
-
MD5
d21abe71ba2abf923b575299dc17854f
-
SHA1
392e079c675a0065c6a982ec848a18f3277f30f5
-
SHA256
3805dae603dcd659643f0888fe35b9bbbd0173c63ff5ce1ed5bf678e4fa5db90
-
SHA512
4922444792642dcc60e7d6e60b7e9c7ffbf2239131230f82d90f33f055b954c6967643e6cfe145b39b3427876cdb9fc0d189b702354c2c7da1a2902e5f052c86
Static task
static1
Behavioral task
behavioral1
Sample
d21abe71ba2abf923b575299dc17854f.exe
Resource
win7v20210410
Malware Config
Extracted
redline
170
147.124.222.75:42864
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-