General
-
Target
df7cbf5011ea28d6375b498948b39922b5bb1460dc23699a2c0fe953d8ec9619
-
Size
386KB
-
Sample
210725-kl18f53j8j
-
MD5
af167221b2f35dd737d70ed26d81a2bc
-
SHA1
682d89b71f27ac81d02e339feef23feba805e420
-
SHA256
df7cbf5011ea28d6375b498948b39922b5bb1460dc23699a2c0fe953d8ec9619
-
SHA512
da39ab8b690c93ee83668050026261f831750bf413b4f27f93b1a44ead93b510eae27656dc2cdb1d3a32769d959cb106ed724fab170d074183f367e84c05b781
Static task
static1
Behavioral task
behavioral1
Sample
df7cbf5011ea28d6375b498948b39922b5bb1460dc23699a2c0fe953d8ec9619.exe
Resource
win10v20210410
Malware Config
Extracted
redline
SewPalpadin
185.215.113.114:8887
Targets
-
-
Target
df7cbf5011ea28d6375b498948b39922b5bb1460dc23699a2c0fe953d8ec9619
-
Size
386KB
-
MD5
af167221b2f35dd737d70ed26d81a2bc
-
SHA1
682d89b71f27ac81d02e339feef23feba805e420
-
SHA256
df7cbf5011ea28d6375b498948b39922b5bb1460dc23699a2c0fe953d8ec9619
-
SHA512
da39ab8b690c93ee83668050026261f831750bf413b4f27f93b1a44ead93b510eae27656dc2cdb1d3a32769d959cb106ed724fab170d074183f367e84c05b781
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-