General

Target: 9c9993606b382e36d7be83ce3f1bc26ce003ee061b395a2047271f700ba7876e
Size: 395KB
Sample: 210726-j7421htk1s
MD5: d912f57c2110802430e3c14355b5a620
SHA1: 2ebd9af97f49552845a28e70746cf71cda58820b
SHA256: 9c9993606b382e36d7be83ce3f1bc26ce003ee061b395a2047271f700ba7876e
SHA512: eaca2776f78b3b9d125cf6772d9146f00f741cf342aa4e1885092337daf580f0d655c4eb61bdff7dedc19ca9eab11061016cf82273adf6b12344a70f8eb6cb1d
Static task: static1
Behavioral task: behavioral1
Sample: 9c9993606b382e36d7be83ce3f1bc26ce003ee061b395a2047271f700ba7876e.exe
Resource: win10v20210410
Malware Config

Extracted: redline
SewPalpadin
185.215.113.114:8887
Targets

Target: 9c9993606b382e36d7be83ce3f1bc26ce003ee061b395a2047271f700ba7876e
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.