General

Target: 7e1ba56b9166cd76721207736aeab3cc0f02e2499798b7d66cbeb18aa280d9b6
Size: 397KB
Sample: 210727-ctc553g4mj
MD5: 1d25e9070610b02b4d1e756efbb2552e
SHA1: 33dd69c5fca6f8983eacfd71ceec3a2a8386b7e7
SHA256: 7e1ba56b9166cd76721207736aeab3cc0f02e2499798b7d66cbeb18aa280d9b6
SHA512: 45c71c1b666ca30235d747ecd623b49b503a11c63c16917124eeeda6849d021bc7fb7979515f9ccc008e3b85613229280a69e334a169d74eaf4f08caba72ad43

Static task: static1

Behavioral task: behavioral1
Sample: 7e1ba56b9166cd76721207736aeab3cc0f02e2499798b7d66cbeb18aa280d9b6.exe
Resource: win10v20210410

Malware Config (extracted)

Family: redline
Botnet: SewPalpadin
C2: 185.215.113.114:8887

Targets

Target: 7e1ba56b9166cd76721207736aeab3cc0f02e2499798b7d66cbeb18aa280d9b6
Size: 397KB
MD5: 1d25e9070610b02b4d1e756efbb2552e
SHA1: 33dd69c5fca6f8983eacfd71ceec3a2a8386b7e7
SHA256: 7e1ba56b9166cd76721207736aeab3cc0f02e2499798b7d66cbeb18aa280d9b6
SHA512: 45c71c1b666ca30235d747ecd623b49b503a11c63c16917124eeeda6849d021bc7fb7979515f9ccc008e3b85613229280a69e334a169d74eaf4f08caba72ad43

Signatures

- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.