General
Target: edcb357b3189f26818f5212a07734168
Size: 287KB
Sample: 210813-ekwdteh9ls
MD5: edcb357b3189f26818f5212a07734168
SHA1: 9927c47ddfd38f9f239b5eb06590312f550c06bc
SHA256: 81a962862c3c796af1b94b1674698aa15a3c0f4abcb86e0ac23a810c4d4fc0e9
SHA512: 3cddb80ea596446762b468f7dd73d76a7c695d493bd85cc793884d066720e5aa7154b6ec8b922b090a823d73caae8421e0238cfdc70490b2ce9d2f5d89808b99

Static task: static1
Behavioral task: behavioral1
Sample: edcb357b3189f26818f5212a07734168.exe
Resource: win7v20210410

Malware Config
Extracted: redline
UPD
193.56.146.78:54955

Targets
Target: edcb357b3189f26818f5212a07734168
Size: 287KB
MD5: edcb357b3189f26818f5212a07734168
SHA1: 9927c47ddfd38f9f239b5eb06590312f550c06bc
SHA256: 81a962862c3c796af1b94b1674698aa15a3c0f4abcb86e0ac23a810c4d4fc0e9
SHA512: 3cddb80ea596446762b468f7dd73d76a7c695d493bd85cc793884d066720e5aa7154b6ec8b922b090a823d73caae8421e0238cfdc70490b2ce9d2f5d89808b99

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.