General
Target: f7f9972ccd76aadd84a675d8a7c12c14d9bdfb40fe23aa6614a666513e72315b
Size: 422KB
Sample: 210810-9wkkk3cn2j
MD5: e75d99a56d470da144bd99ab10507e4b
SHA1: 6ccfc64703dc3843602bb5cab0ef073e8f95ee03
SHA256: f7f9972ccd76aadd84a675d8a7c12c14d9bdfb40fe23aa6614a666513e72315b
SHA512: 67d7e4944ff3918fcea3c80180a650f28e24c1254f468d5f91899af546e2e188a688172c76e64667e1a047331d2339522355d792df9b0bb59726ff4ca9e40414
Static task: static1
Behavioral task: behavioral1
Sample: f7f9972ccd76aadd84a675d8a7c12c14d9bdfb40fe23aa6614a666513e72315b.exe
Resource: win10v20210410
Malware Config
Extracted
Family: redline
Botnet: SewPalpadin
C2: 185.215.113.114:8887
Targets
Target: f7f9972ccd76aadd84a675d8a7c12c14d9bdfb40fe23aa6614a666513e72315b
Size: 422KB
MD5: e75d99a56d470da144bd99ab10507e4b
SHA1: 6ccfc64703dc3843602bb5cab0ef073e8f95ee03
SHA256: f7f9972ccd76aadd84a675d8a7c12c14d9bdfb40fe23aa6614a666513e72315b
SHA512: 67d7e4944ff3918fcea3c80180a650f28e24c1254f468d5f91899af546e2e188a688172c76e64667e1a047331d2339522355d792df9b0bb59726ff4ca9e40414
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.