General
Target: 18a42d9c4ba2b87de47de18aafcb0f09cce495e66f07262e619684abb5eae305
Size: 343KB
Sample: 210822-5wha7c194a
MD5: 87ee87b65ea83c3599b7dfdca45eb1ab
SHA1: a58b891ae271ca98a12e17254b10048f30da3379
SHA256: 18a42d9c4ba2b87de47de18aafcb0f09cce495e66f07262e619684abb5eae305
SHA512: acbc38814b01ee8c6cca6cbfca8c1f8845f106e0d7ea22b753fb546e8a779dcb814abfe4059d9e0ea507cbf9af678fd54c72bc7c0e0d9bd437e409146a389d63
Static task: static1

Malware Config
Extracted: redline
build1
91.142.77.189:59638
Targets
Target: 18a42d9c4ba2b87de47de18aafcb0f09cce495e66f07262e619684abb5eae305 (343KB; same MD5, SHA1, SHA256 and SHA512 as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.