General
- Target: 816188f69e67e9bcf7e351c1df2f810f06184248d7a8d61464c670e86a80a700
- Size: 397KB
- Sample: 210726-ktwm5s2xv2
- MD5: 0f6b5a36344972a91df587eb73526aef
- SHA1: dbcd3d4a06ef6cb4d30fda538eb2597f507776d9
- SHA256: 816188f69e67e9bcf7e351c1df2f810f06184248d7a8d61464c670e86a80a700
- SHA512: 4e53707929bf38ff47f2e16fa52c7f17c9ac5545bbdeb563a8c171316b2065d2874c4f58d9bab3de3d2030573ae1a86ad4983e9b5bc24ed13fef835f44edba35

Static task
- static1

Behavioral task
- behavioral1
- Sample: 816188f69e67e9bcf7e351c1df2f810f06184248d7a8d61464c670e86a80a700.exe
- Resource: win10v20210410

Malware Config
Extracted
- Family: redline
- Botnet: SewPalpadin
- C2: 185.215.113.114:8887

Targets
- Target: 816188f69e67e9bcf7e351c1df2f810f06184248d7a8d61464c670e86a80a700
- Size: 397KB
- MD5, SHA1, SHA256, SHA512: as listed under General
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.