General
- Target: 08f01ed2e474600eafb0d03fb4c1457bc3bf009f7be8714047856874a6dcc957
- Size: 291KB
- Sample: 210913-sxmg8seab9
- MD5: fab4fb82fa504cb415c497b49ca48cd0
- SHA1: 1b98740d6ee521f86440f855716519f9c7db7ed6
- SHA256: 08f01ed2e474600eafb0d03fb4c1457bc3bf009f7be8714047856874a6dcc957
- SHA512: 849a46bc2e30a8566567808d31302e5b7fa0345c56969ab8ff5a6e1f043379218ef8db3d5234a11b195deb64309f022e16528044b94bc2afea8c32f2c2639c2d
Static task
- static1
Malware Config (Extracted)
- redline
- 10fk
- 185.45.192.203:80
Targets
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.