General
-
Target
f8ea61697d522a51edaf1e480b9b7017b94746b17161fec509ea6823ea02f936
-
Size
248KB
-
Sample
210829-epb7bam8qn
-
MD5
32f6647b200a7d9030c7c70be399c80c
-
SHA1
50fffd74672243dd4cd8fb2377bf3dcc7bd89cf8
-
SHA256
f8ea61697d522a51edaf1e480b9b7017b94746b17161fec509ea6823ea02f936
-
SHA512
a324774d0fdc2af0956785eb02dd1501616cf3b3ca16786e0cd230a7221ef65362017106dce8406533342556dfce96c004f74c2315ae0ec69cf0361cccdaa7da
Static task
static1
Malware Config
Extracted
redline
build1
65.108.48.203:48896
Targets
-
-
Target
f8ea61697d522a51edaf1e480b9b7017b94746b17161fec509ea6823ea02f936
-
Size
248KB
-
MD5
32f6647b200a7d9030c7c70be399c80c
-
SHA1
50fffd74672243dd4cd8fb2377bf3dcc7bd89cf8
-
SHA256
f8ea61697d522a51edaf1e480b9b7017b94746b17161fec509ea6823ea02f936
-
SHA512
a324774d0fdc2af0956785eb02dd1501616cf3b3ca16786e0cd230a7221ef65362017106dce8406533342556dfce96c004f74c2315ae0ec69cf0361cccdaa7da
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-