General

Target: e9d127ac40cb572f558abf8140a88c35a392528f7c46036504f33d473fcf78d6
Size: 397KB
Sample: 210727-4a76llwc6x
MD5: 3e122280b2edf38bf2f9c5e47a8a97cf
SHA1: 99ee7238a206a51c5ae599c67ddaffdc531bcb6b
SHA256: e9d127ac40cb572f558abf8140a88c35a392528f7c46036504f33d473fcf78d6
SHA512: d326424ec9738191ab6cbce32b658a95b4d6c664f633c66d92beb7fbfbaf26add76125ac99ab07e3e91ec8e82ac6957cbf1a06b6ef148d2ed5bfc7cf9d13136f

Static task: static1

Behavioral task: behavioral1
Sample: e9d127ac40cb572f558abf8140a88c35a392528f7c46036504f33d473fcf78d6.exe
Resource: win10v20210410

Malware Config

Extracted
Family: redline
Botnet: SewPalpadin
C2: 185.215.113.114:8887

Targets

Target: e9d127ac40cb572f558abf8140a88c35a392528f7c46036504f33d473fcf78d6
Size: 397KB
MD5: 3e122280b2edf38bf2f9c5e47a8a97cf
SHA1: 99ee7238a206a51c5ae599c67ddaffdc531bcb6b
SHA256: e9d127ac40cb572f558abf8140a88c35a392528f7c46036504f33d473fcf78d6
SHA512: d326424ec9738191ab6cbce32b658a95b4d6c664f633c66d92beb7fbfbaf26add76125ac99ab07e3e91ec8e82ac6957cbf1a06b6ef148d2ed5bfc7cf9d13136f

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.