General

Target: cf278d240d19a7957a7cb8029467ea0404a54031eafa6816d55ee269a0db54da
Size: 400KB
Sample: 210726-3hk5phtdlj
MD5: 554babbab58b440ada518e9d1a70c208
SHA1: af1e31bf36d03f6fc4f105964df9f8187ef42560
SHA256: cf278d240d19a7957a7cb8029467ea0404a54031eafa6816d55ee269a0db54da
SHA512: 9e3ee99ac6639544d4217e3769afa1d42364be6462e6d63c29cc8f5629e04250fae7642f668fc014b6fa59dca5c19d83f9dcee9f01809906489f377c2413e6d0

Static task: static1
Behavioral task: behavioral1
Sample: cf278d240d19a7957a7cb8029467ea0404a54031eafa6816d55ee269a0db54da.exe
Resource: win10v20210410

Malware Config

Extracted: redline
Botnet: SewPalpadin
C2: 185.215.113.114:8887
Targets

Target: cf278d240d19a7957a7cb8029467ea0404a54031eafa6816d55ee269a0db54da (400KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
RedLine
RedLine Stealer is an information-stealing malware family written in C# (.NET), first seen in early 2020. It collects browser credentials, cookies and autofill data, cryptocurrency wallet files and host details, and sends them to the C2 address in its extracted config.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) to enumerate the software installed on the system.
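The extracted C2, the sample hashes and the Uninstall-key enumeration above are the indicators a responder would hunt for. The following Python is an added example, not part of the sandbox report or of any tool it mentions: it checks a file's digests against the report, finds connections to the extracted C2 in a cut-down conn log, and flags processes that walk many Uninstall subkeys. The log lines are constructed, and the registry-read records assume EDR or kernel-registry ETW telemetry; Sysmon does not record registry reads, so its events 12/13 would not catch this behaviour.

```python
"""IOC checks for the RedLine sample above (added example; logs are constructed)."""
import hashlib
import re
from collections import defaultdict

# Indicators taken from the report.
C2_HOST, C2_PORT = "185.215.113.114", 8887
SAMPLE_HASHES = {
    "md5": "554babbab58b440ada518e9d1a70c208",
    "sha1": "af1e31bf36d03f6fc4f105964df9f8187ef42560",
    "sha256": "cf278d240d19a7957a7cb8029467ea0404a54031eafa6816d55ee269a0db54da",
}
# Matches any path under the Uninstall key (HKLM, HKCU or WOW6432Node view);
# group(1) is the per-product subkey name.
UNINSTALL_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)", re.IGNORECASE)


def hash_sample(data: bytes) -> dict:
    """Return the md5/sha1/sha256 hex digests of a file's bytes."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def matches_sample(data: bytes) -> bool:
    """True only when every digest equals the report's sample."""
    return hash_sample(data) == SAMPLE_HASHES


def scan_conn_log(lines):
    """Return (ts, src_ip) for connections to the extracted C2.
    Records are tab-separated: ts, orig_h, orig_p, resp_h, resp_p
    (a constructed, cut-down Zeek conn.log layout)."""
    hits = []
    for line in lines:
        if not line or line.startswith("#"):
            continue
        ts, orig_h, _orig_p, resp_h, resp_p = line.split("\t")[:5]
        if resp_h == C2_HOST and int(resp_p) == C2_PORT:
            hits.append((ts, orig_h))
    return hits


def scan_registry_events(lines, threshold=3):
    """Return {image: n_subkeys} for processes reading >= threshold distinct
    Uninstall subkeys. Records are tab-separated: ts, op, image, target
    (constructed EDR-style registry read telemetry). A single read is normal
    for installers and inventory agents; RedLine walks the whole key."""
    subkeys = defaultdict(set)
    for line in lines:
        if not line or line.startswith("#"):
            continue
        _ts, op, image, target = line.split("\t")[:4]
        m = UNINSTALL_KEY_RE.search(target)
        if op.startswith("RegQuery") and m:
            subkeys[image].add(m.group(1).lower())
    return {img: len(k) for img, k in subkeys.items() if len(k) >= threshold}


# Constructed sample telemetry (not from the report).
SAMPLE_EXE = ("C:\\Users\\user\\Desktop\\"
              "cf278d240d19a7957a7cb8029467ea0404a54031eafa6816d55ee269a0db54da.exe")
UNINSTALL = "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\"
UNINSTALL32 = "HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\"
CONN_LOG = [
    "#fields\tts\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p",
    "1627000001.1\t10.0.0.5\t49712\t185.215.113.114\t8887",   # C2 beacon
    "1627000002.2\t10.0.0.5\t49713\t93.184.216.34\t443",      # unrelated TLS
    "1627000003.3\t10.0.0.7\t50100\t185.215.113.114\t80",     # same host, other port
]
REG_LOG = [
    "1.0\tRegQueryKey\t" + SAMPLE_EXE + "\t" + UNINSTALL + "{AC76BA86-1033-FFFF-7760-000000000006}",
    "1.1\tRegQueryValue\t" + SAMPLE_EXE + "\t" + UNINSTALL + "{AC76BA86-1033-FFFF-7760-000000000006}\\DisplayName",
    "1.2\tRegQueryKey\t" + SAMPLE_EXE + "\t" + UNINSTALL + "7-Zip",
    "1.3\tRegQueryKey\t" + SAMPLE_EXE + "\t" + UNINSTALL32 + "Google Chrome",
    "1.4\tRegQueryKey\tC:\\Windows\\System32\\msiexec.exe\t" + UNINSTALL + "7-Zip",
]

if __name__ == "__main__":
    print("C2 hits:", scan_conn_log(CONN_LOG))
    print("Uninstall walkers:", scan_registry_events(REG_LOG))
    print("placeholder bytes match sample:", matches_sample(b"MZ not the sample"))
```

Only the first conn record is a hit: the third goes to the same host on port 80, which the check deliberately ignores so that shared hosting or a later config change is investigated rather than auto-flagged. Of the registry records, only the sample binary crosses the three-subkey threshold; msiexec.exe touching one product key is left alone.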