General
Target: 66fff084975782cddb02df98a9cab04e2af1b489d7d8bb17ae7e0ffc30e706be
Size: 386KB
Sample: 210725-t4dy7zwhtx
MD5: fce56ea69a9712ce0ac94368d5a124b0
SHA1: 13906015b834bfe7140da50f9d12733408677006
SHA256: 66fff084975782cddb02df98a9cab04e2af1b489d7d8bb17ae7e0ffc30e706be
SHA512: 639b96c438bf84ddaeab979fc7b81de3f8b2b10a1d5f119365a83a60103b6ddb69d96228ebeda7c950d08370dd0057b841d9f527c8f5bb05e5de84d9f253d0af
Static task: static1
Behavioral task: behavioral1
Sample: 66fff084975782cddb02df98a9cab04e2af1b489d7d8bb17ae7e0ffc30e706be.exe
Resource: win10v20210410
Malware Config
Extracted: redline
SewPalpadin
185.215.113.114:8887
Targets
Target: 66fff084975782cddb02df98a9cab04e2af1b489d7d8bb17ae7e0ffc30e706be
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.