General
Target: ad14e24bf6ff0de8e3dcc999d2022ec046e3a19e0def9f77f3e96f2dd0c5b8f8
Size: 396KB
Sample: 210726-n5nseb9ah6
MD5: f5137b5d129c832a557d5c32c00ba0cf
SHA1: 067acd1026b3ed3a927fac690d86e80ba11604c3
SHA256: ad14e24bf6ff0de8e3dcc999d2022ec046e3a19e0def9f77f3e96f2dd0c5b8f8
SHA512: 7d0a7b817472a47ea6fde388c1812023fa92dfbed2280eb6d05fbbe2d3a55de07753218c4d2fe1dc8d7fa3b3e2e13775345172c8f6c8f40cf8f240382b7532df
Static task: static1
Behavioral task: behavioral1
Sample: ad14e24bf6ff0de8e3dcc999d2022ec046e3a19e0def9f77f3e96f2dd0c5b8f8.exe
Resource: win10v20210408
Malware Config
Extracted
Family: redline
Botnet ID: SewPalpadin
C2: 185.215.113.114:8887
Targets
Target: ad14e24bf6ff0de8e3dcc999d2022ec046e3a19e0def9f77f3e96f2dd0c5b8f8
Size: 396KB
MD5: f5137b5d129c832a557d5c32c00ba0cf
SHA1: 067acd1026b3ed3a927fac690d86e80ba11604c3
SHA256: ad14e24bf6ff0de8e3dcc999d2022ec046e3a19e0def9f77f3e96f2dd0c5b8f8
SHA512: 7d0a7b817472a47ea6fde388c1812023fa92dfbed2280eb6d05fbbe2d3a55de07753218c4d2fe1dc8d7fa3b3e2e13775345172c8f6c8f40cf8f240382b7532df
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets; possible credential harvesting
Checks installed software on the system
Looks up entries under the registry's Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, the key behind Programs and Features, and its Wow6432Node and HKCU counterparts) to enumerate the software installed on the system.
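Added example, not part of the sandbox report and not RedLine's own code: a small Python hunt that turns the two behaviours recorded above, the extracted C2 endpoint from the malware config and the Uninstall-key software enumeration, into checks over Procmon-style event records. Only the C2 address, the botnet ID and the sample file name come from the report; the event lines, PIDs, product subkey names and the explorer.exe background activity are constructed for the example. The Uninstall-key pattern covers HKLM and HKCU and the Wow6432Node view, which is broader than the single key the report names.

```python
import re
from collections import defaultdict

# Indicators taken from this report: extracted RedLine C2, botnet ID and sample name.
C2_ENDPOINTS = {("185.215.113.114", 8887)}
BOTNET_ID = "SewPalpadin"
SAMPLE = "ad14e24bf6ff0de8e3dcc999d2022ec046e3a19e0def9f77f3e96f2dd0c5b8f8.exe"

# Keys an installed-software inventory walks: HKLM and HKCU, native and Wow6432Node views.
# group(1) is the per-product subkey; it is None when only the parent Uninstall key is touched.
UNINSTALL_RE = re.compile(
    r"^HK(?:LM|CU)\\SOFTWARE\\(?:Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion"
    r"\\Uninstall(?:\\([^\\]+)(?:\\.*)?)?$",
    re.IGNORECASE,
)
# Distinct product subkeys one process must touch before we call it enumeration
# (a single lookup is normal for installers and shell components).
ENUM_THRESHOLD = 5

# Constructed Procmon-style records "pid,image,operation,target"; not telemetry from the
# sandbox run. PID 4120 plays the sample, PID 880 is benign background noise.
DESKTOP = r"C:\Users\user\Desktop"
UNINSTALL_KEY = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
PRODUCTS = ("7-Zip", "Google Chrome", "Mozilla Firefox", "Notepad++",
            "VLC media player", "Python 3.9.5 (64-bit)")  # constructed product subkeys
LOG_LINES = (
    [f"4120,{DESKTOP}\\{SAMPLE},RegOpenKey,{UNINSTALL_KEY}"]
    + [f"4120,{DESKTOP}\\{SAMPLE},RegOpenKey,{UNINSTALL_KEY}\\{p}" for p in PRODUCTS]
    + [f"4120,{DESKTOP}\\{SAMPLE},RegQueryValue,{UNINSTALL_KEY}\\{p}\\DisplayName" for p in PRODUCTS]
    + [
        f"4120,{DESKTOP}\\{SAMPLE},TCP Connect,185.215.113.114:8887",
        r"880,C:\Windows\explorer.exe,RegOpenKey,HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip",
        r"880,C:\Windows\explorer.exe,TCP Connect,192.0.2.10:443",
    ]
)


def parse_event(line):
    """Split one record into its fields (image paths in the constructed data carry no commas)."""
    pid, image, op, target = line.split(",", 3)
    return {"pid": int(pid), "image": image, "op": op, "target": target}


def find_c2_connections(events, c2=C2_ENDPOINTS):
    """Return (pid, image, target) for every outbound connection to a known C2 endpoint."""
    hits = []
    for ev in events:
        if ev["op"] != "TCP Connect":
            continue
        host, sep, port = ev["target"].rpartition(":")
        if sep and port.isdigit() and (host, int(port)) in c2:
            hits.append((ev["pid"], ev["image"], ev["target"]))
    return hits


def find_uninstall_enumeration(events, threshold=ENUM_THRESHOLD):
    """Map pid -> sorted product subkeys for processes that touched >= threshold Uninstall entries."""
    touched = defaultdict(set)
    for ev in events:
        if not ev["op"].startswith("Reg"):
            continue
        m = UNINSTALL_RE.match(ev["target"])
        if m and m.group(1):
            touched[ev["pid"]].add(m.group(1))
    return {pid: sorted(keys) for pid, keys in touched.items() if len(keys) >= threshold}


def triage(lines):
    """Run both checks over raw records and return a summary keyed by behaviour."""
    events = [parse_event(line) for line in lines if line.strip()]
    return {
        "c2_connections": find_c2_connections(events),
        "software_enumeration": find_uninstall_enumeration(events),
    }


if __name__ == "__main__":
    result = triage(LOG_LINES)
    for pid, image, target in result["c2_connections"]:
        print(f"[C2] pid {pid} ({image}) -> {target} (RedLine botnet {BOTNET_ID})")
    for pid, products in result["software_enumeration"].items():
        print(f"[ENUM] pid {pid} read {len(products)} Uninstall entries: {', '.join(products)}")
```

Run it directly for a printed summary of both findings. The threshold separates an inventory sweep from the one or two Uninstall lookups that installers and shell components make routinely; tune it against your own baseline. Note that Sysmon's registry events (12, 13, 14) record key creation, value writes and renames, not key opens or reads, so real telemetry for the enumeration check has to come from Procmon, ETW or object-access auditing, or from an EDR that logs registry reads.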