General
- Target: 0fbcf6ab417e6a03b81c2fa3ba8f4a04e082c6b206a8e440bb44981c7fdf0961
- Size: 398KB
- Sample: 210727-435fs6fh26
- MD5: 0c0b8c444d2cf542347f7629edc359aa
- SHA1: 6ec2b0068485498665278552efe5f6dcd00ed301
- SHA256: 0fbcf6ab417e6a03b81c2fa3ba8f4a04e082c6b206a8e440bb44981c7fdf0961
- SHA512: 4dfd1dd1533fd4ffcb5cb45e6a864a3875cb0d6514fe20e6286aacabe42a38804d2584a316d076f395494431ced59a4a285b07b5a9c94023fb4baaca2e54f220
Static task: static1
Behavioral task: behavioral1
- Sample: 0fbcf6ab417e6a03b81c2fa3ba8f4a04e082c6b206a8e440bb44981c7fdf0961.exe
- Resource: win10v20210410
Malware Config
Extracted
- redline
- SewPalpadin
- 185.215.113.114:8887
Targets
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.