General
-
Target
25b64c0bad59caa2bb89de749ce69e2b.exe
-
Size
387KB
-
Sample
210725-l9w6q2lxfx
-
MD5
25b64c0bad59caa2bb89de749ce69e2b
-
SHA1
26bd53222cdce89e0ab183db7fa9df6dd489982b
-
SHA256
0c16b313253259d25a77c5019df1985e6c356c56f4ce19f8119829efec7db43d
-
SHA512
930569743201567d74d32e34361ad13b801c6ef492543d805a1ba1553a4aa037738214e4b8e3546a69187b72478072c78ee526e77ebb77d1113e463ea6e0e173
Static task
static1
Behavioral task
behavioral1
Sample
25b64c0bad59caa2bb89de749ce69e2b.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
25b64c0bad59caa2bb89de749ce69e2b.exe
Resource
win10v20210410
Malware Config
Extracted
redline
193.56.146.60:51431
Targets
-
-
Target
25b64c0bad59caa2bb89de749ce69e2b.exe
-
Size
387KB
-
MD5
25b64c0bad59caa2bb89de749ce69e2b
-
SHA1
26bd53222cdce89e0ab183db7fa9df6dd489982b
-
SHA256
0c16b313253259d25a77c5019df1985e6c356c56f4ce19f8119829efec7db43d
-
SHA512
930569743201567d74d32e34361ad13b801c6ef492543d805a1ba1553a4aa037738214e4b8e3546a69187b72478072c78ee526e77ebb77d1113e463ea6e0e173
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-