General
Target: 8dd5004421b2700026403ba76554d961f9e958d6ae0eca7d11ee50e2e59725df
Size: 398KB
Sample: 210726-zkrwyewswn
MD5: 2c48320eb8590f376c60b18f323ec16b
SHA1: 511467ba91b302e7ab1af2b503a548b677d6dbb9
SHA256: 8dd5004421b2700026403ba76554d961f9e958d6ae0eca7d11ee50e2e59725df
SHA512: 938d4916155df4f2ba0c11071d652428b3a8e03b62d46fe1ab7d230d2ca67bedc7cd5471aaf391edb621fa54c083383a5ae8e824cd9d420083bbca5ca484a694
Static task: static1
Behavioral task: behavioral1
Sample: 8dd5004421b2700026403ba76554d961f9e958d6ae0eca7d11ee50e2e59725df.exe
Resource: win10v20210410
Malware Config (extracted)
Family: redline
Botnet: SewPalpadin
C2: 185.215.113.114:8887
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.