General

Target: 094b038134f90591e7a940093b76240385bd16acef9d00ab8760d50fdc72653f
Size: 396KB
Sample: 210727-g76x8822cn
MD5: 5f611d2feace2ae0a4c0d1a0bf87376b
SHA1: ff2fa40e4ae95002d9f81ed929752e8b47905995
SHA256: 094b038134f90591e7a940093b76240385bd16acef9d00ab8760d50fdc72653f
SHA512: ace5e0fcbf493f855542934fed8b322f4a980754d79479be3257ab05747e50623312d00cf3f706467ebefa88b165a0650efdc9d443807624ee53e298fddb973a

Static task: static1

Behavioral task: behavioral1
Sample: 094b038134f90591e7a940093b76240385bd16acef9d00ab8760d50fdc72653f.exe
Resource: win10v20210408

Malware Config

Extracted
Family: redline
Botnet: SewPalpadin
C2: 185.215.113.114:8887
Targets

Target: 094b038134f90591e7a940093b76240385bd16acef9d00ab8760d50fdc72653f
Size: 396KB
MD5: 5f611d2feace2ae0a4c0d1a0bf87376b
SHA1: ff2fa40e4ae95002d9f81ed929752e8b47905995
SHA256: 094b038134f90591e7a940093b76240385bd16acef9d00ab8760d50fdc72653f
SHA512: ace5e0fcbf493f855542934fed8b322f4a980754d79479be3257ab05747e50623312d00cf3f706467ebefa88b165a0650efdc9d443807624ee53e298fddb973a

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node and HKCU counterparts) to enumerate the software installed on the system.
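The "checks installed software" behaviour above is a usable detection signal: a process that opens many distinct subkeys under the Uninstall key in a short window is enumerating installed software, which is rare for anything other than installers and inventory agents. The following detector is an added example written for this page; it is not part of the sandbox report or of RedLine itself. It assumes a registry-access audit feed (Windows object-access auditing with a SACL on the Uninstall key, or an EDR telemetry export) flattened into one line per event; the log lines, the process names, the `ALLOWLIST` contents and the thresholds are all constructed for the example.

```python
"""Detect registry-based installed-software enumeration (Uninstall key walking).

Added example for this page. The event lines below are constructed in a simple
"key=value" shape that mimics a registry-access audit feed; they are not taken
from the original report and the process paths are fictitious.
"""
import re
from collections import defaultdict
from datetime import datetime, timezone

# One event per line: timestamp, pid, full image path, key path. Image paths may
# contain spaces, so the image group is non-greedy up to the fixed " event=" token.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) pid=(?P<pid>\d+) image=(?P<image>.+?) event=RegistryEvent key=(?P<key>.+)$"
)
# Matches a *subkey* of the Uninstall key under HKLM, HKLM\WOW6432Node or HKCU
# and captures the product subkey name. Opening the parent key alone does not match.
UNINSTALL_RE = re.compile(
    r"\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)$",
    re.IGNORECASE,
)
# Processes expected to walk Uninstall keys legitimately (assumption: tune per environment).
ALLOWLIST = {"msiexec.exe", "wmiprvse.exe", "svchost.exe"}

# Constructed sample events: an unknown binary in %TEMP% enumerates four products in
# two seconds, msiexec touches three, and a normal application touches only its own key.
SAMPLE_EVENTS = r"""
2021-07-27T09:06:01Z pid=4120 image=C:\Users\u\AppData\Local\Temp\stealer.exe event=RegistryEvent key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
2021-07-27T09:06:01Z pid=4120 image=C:\Users\u\AppData\Local\Temp\stealer.exe event=RegistryEvent key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
2021-07-27T09:06:02Z pid=4120 image=C:\Users\u\AppData\Local\Temp\stealer.exe event=RegistryEvent key=HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++
2021-07-27T09:06:02Z pid=4120 image=C:\Users\u\AppData\Local\Temp\stealer.exe event=RegistryEvent key=HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Discord
2021-07-27T09:06:03Z pid=4120 image=C:\Users\u\AppData\Local\Temp\stealer.exe event=RegistryEvent key=HKCU\Software\Microsoft\Windows\CurrentVersion\Run
2021-07-27T09:07:10Z pid=812 image=C:\Windows\System32\msiexec.exe event=RegistryEvent key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
2021-07-27T09:07:11Z pid=812 image=C:\Windows\System32\msiexec.exe event=RegistryEvent key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
2021-07-27T09:07:12Z pid=812 image=C:\Windows\System32\msiexec.exe event=RegistryEvent key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Discord
2021-07-27T09:08:00Z pid=2200 image=C:\Program Files\Notepad++\notepad++.exe event=RegistryEvent key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++
"""


def parse_events(text):
    """Parse the flattened feed into (timestamp, pid, image, key) tuples, skipping malformed lines."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # a malformed line must not crash the detector
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        events.append((ts, int(m["pid"]), m["image"], m["key"]))
    return events


def detect_uninstall_enumeration(text, min_subkeys=3, window_seconds=60, allowlist=ALLOWLIST):
    """Return one alert per process that opens >= min_subkeys distinct Uninstall subkeys
    within window_seconds. Processes whose image basename is allowlisted are ignored."""
    per_proc = defaultdict(list)  # (pid, image) -> [(ts, subkey_name)]
    for ts, pid, image, key in parse_events(text):
        m = UNINSTALL_RE.search(key)
        if m:
            per_proc[(pid, image)].append((ts, m.group(1)))

    alerts = []
    for (pid, image), hits in per_proc.items():
        if image.rsplit("\\", 1)[-1].lower() in allowlist:
            continue
        hits.sort()
        # Sliding window over the time-ordered hits: count distinct subkeys reachable
        # from each starting hit before the window expires; alert once per process.
        for i in range(len(hits)):
            start = hits[i][0]
            seen = set()
            for ts, subkey in hits[i:]:
                if (ts - start).total_seconds() > window_seconds:
                    break
                seen.add(subkey)
            if len(seen) >= min_subkeys:
                alerts.append({"pid": pid, "image": image,
                               "distinct_subkeys": len(seen),
                               "first_seen": start.isoformat()})
                break
    return alerts


if __name__ == "__main__":
    for alert in detect_uninstall_enumeration(SAMPLE_EVENTS):
        print(alert)
```

The allowlist is matched on the image basename only, so a stealer dropped as `msiexec.exe` in a user-writable directory would slip through; in production, key the allowlist on full path or signer instead, and treat the threshold and window as tuning knobs rather than fixed values.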