General
Target: 1f6bd429f0a5f2762658f181a8654016b1599edd08242f8b90689e47652ba6e5
Size: 386KB
Sample: 210725-w9nv9343q6
MD5: 2322804b8d184e80d018766484fe325a
SHA1: 737e5cfc3472026d0d37edc07c66e3e35290fa22
SHA256: 1f6bd429f0a5f2762658f181a8654016b1599edd08242f8b90689e47652ba6e5
SHA512: 95071c1968f855665d89f419d47e3931393d3deebe66212cee6f2f9cbb9cd73b6e190246af5f4296779347497e8544b63cf48be52e8cab03d57e1ab3f883a6d8
Static task: static1
Behavioral task: behavioral1
Sample: 1f6bd429f0a5f2762658f181a8654016b1599edd08242f8b90689e47652ba6e5.exe
Resource: win10v20210408
Malware Config
Extracted
redline
SewPalpadin
185.215.113.114:8887
Targets
Target: 1f6bd429f0a5f2762658f181a8654016b1599edd08242f8b90689e47652ba6e5
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.