General
Target: 732db2a6df5ed6f26b3eee4e7e1ff05689b258e2f5576e4c2b0fa09dd48144ac
Size: 398KB
Sample: 210727-8ywqf7j3wa
MD5: 6431598ff085113b958e0dc9bc06c7ea
SHA1: 1f21b31c08c1e847a5332911043bd94d4018c7a2
SHA256: 732db2a6df5ed6f26b3eee4e7e1ff05689b258e2f5576e4c2b0fa09dd48144ac
SHA512: 2cb64c967e88a220f9f6fdda67950d99d6389a07a0f3c0aecf42e52c1c657637d47c6e721c2cf2b1975e813e2a88a1dd2162d5a2b57ed950d8827e6d29c7e89e
Static task: static1
Behavioral task: behavioral1
Sample: 732db2a6df5ed6f26b3eee4e7e1ff05689b258e2f5576e4c2b0fa09dd48144ac.exe
Resource: win10v20210408
Malware Config
Extracted:
redline
SewPalpadin
185.215.113.114:8887
Targets
Target: 732db2a6df5ed6f26b3eee4e7e1ff05689b258e2f5576e4c2b0fa09dd48144ac
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.