General
Target: 4735705ae68226671b054bd9754ce35936659ece386f3fa6c86bdc719e6681b1
Size: 282KB
Sample: 210815-f59yjn9fpn
MD5: 66b0e25cf902ca7c831c6fdba8f98375
SHA1: 14beb81dbd9ced0d5b4b4043231390043c9d4e75
SHA256: 4735705ae68226671b054bd9754ce35936659ece386f3fa6c86bdc719e6681b1
SHA512: 4ca183fd526f91019ea7cccc6d84e98aa3d3a785931aa9cb5e4ae4733307e790c19f3564a1ee7361916cc37ff3effb32c5314ba482f0e76666c9ec05fac012a8
Static task: static1

Malware Config
Extracted
Family: redline
Botnet: RUZ
C2: enasauni.xyz:80
Targets
Target: 4735705ae68226671b054bd9754ce35936659ece386f3fa6c86bdc719e6681b1 (282KB; same file and hashes as listed under General)
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020.

RedLine Payload
Accesses cryptocurrency files/wallets; possible credential harvesting.

Checks installed software on the system
Looks up Uninstall key entries in the registry (the per-application subkeys under Software\Microsoft\Windows\CurrentVersion\Uninstall, the same data Add/Remove Programs displays) to enumerate the software installed on the system.
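The actionable content of this report is its indicators: three file hashes and a C2 host:port. The following Python is an added example, not part of the sandbox report or of the RedLine analysis, that sweeps log lines for those indicators and hashes file contents the same way the report does. The hashes and C2 are copied from the report; the log lines, hostnames, IPs and timestamps are constructed here for illustration and come from no real environment. Domain matching is deliberately token-based so that subdomains of the C2 hit while look-alike names such as a domain merely ending in the same string do not.

```python
"""IOC sweep for the RedLine report above.

Added example, not part of the sandbox report: hashes and C2 host:port are
copied from the report; the sample log lines are constructed and hypothetical.
"""
import hashlib
import re

# Indicators taken from the report above.
IOC_HASHES = {
    "md5": "66b0e25cf902ca7c831c6fdba8f98375",
    "sha1": "14beb81dbd9ced0d5b4b4043231390043c9d4e75",
    "sha256": "4735705ae68226671b054bd9754ce35936659ece386f3fa6c86bdc719e6681b1",
}
C2_HOST = "enasauni.xyz"
C2_PORT = 80

# Constructed sample log lines (hypothetical hosts, IPs and timestamps).
# Lines 0-2 should hit; line 3 is benign; line 4 is a look-alike that must not hit.
SAMPLE_LOGS = [
    "2021-08-15T10:01:02Z dns host=WS-0137 qname=enasauni.xyz qtype=A",
    "2021-08-15T10:01:03Z proxy client=10.0.0.17 method=POST url=http://enasauni.xyz:80/ status=200",
    "2021-08-15T10:00:58Z file_create host=WS-0137 path=C:\\Users\\u\\AppData\\Local\\Temp\\tmp1.exe "
    "sha256=4735705AE68226671B054BD9754CE35936659ECE386F3FA6C86BDC719E6681B1",
    "2021-08-15T10:02:00Z dns host=WS-0042 qname=update.example.com qtype=A",
    "2021-08-15T10:02:09Z dns host=WS-0042 qname=notenasauni.xyz qtype=A",
]

# Hostname-like tokens: letters/digits/dots/hyphens ending in an alphabetic TLD.
# IPv4 addresses and hex hashes never match because their last label is not alphabetic.
_HOST_RE = re.compile(r"[a-z0-9.-]+\.[a-z]{2,}")
# Bare hex tokens of SHA256, SHA1 and MD5 length (longest alternative first).
_HASH_RE = re.compile(r"\b[0-9a-f]{64}\b|\b[0-9a-f]{40}\b|\b[0-9a-f]{32}\b")


def is_c2_host(host: str) -> bool:
    """True for the C2 host itself or any subdomain of it, case-insensitively."""
    h = host.lower().rstrip(".")
    return h == C2_HOST or h.endswith("." + C2_HOST)


def find_c2_hits(lines):
    """Return (line_index, hostname, port_or_None) for each line naming the C2 domain."""
    hits = []
    for i, line in enumerate(lines):
        lowered = line.lower()
        for cand in _HOST_RE.findall(lowered):
            if is_c2_host(cand):
                port = re.search(re.escape(cand) + r":(\d+)", lowered)
                hits.append((i, cand, int(port.group(1)) if port else None))
                break  # one hit per line is enough
    return hits


def find_hash_hits(lines):
    """Return (line_index, algo) for each line carrying a hash from the report."""
    known = {v: k for k, v in IOC_HASHES.items()}
    hits = []
    for i, line in enumerate(lines):
        for tok in _HASH_RE.findall(line.lower()):
            if tok in known:
                hits.append((i, known[tok]))
                break
    return hits


def hash_bytes(data: bytes) -> dict:
    """MD5/SHA1/SHA256 of a file's bytes, lowercase hex as in the report."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches_known_sample(data: bytes) -> bool:
    """Match on SHA256 only; MD5 and SHA1 are kept for cross-checking other feeds."""
    return hash_bytes(data)["sha256"] == IOC_HASHES["sha256"]


if __name__ == "__main__":
    for i, host, port in find_c2_hits(SAMPLE_LOGS):
        print(f"C2 contact  line {i}: {host} port={port} (report says {C2_PORT})")
    for i, algo in find_hash_hits(SAMPLE_LOGS):
        print(f"known hash  line {i}: {algo}")
    print("decoy bytes match sample:", matches_known_sample(b"not the sample"))
```

Hash hits are made on SHA256 alone because MD5 and SHA1 collisions are practical; the weaker hashes are retained only to correlate with feeds that still publish them. The port is reported separately rather than required, since a stealer that moves to a new port keeps the same domain for a while.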