General
Target: bfbd2296b0eb8f2bf54cee282ae6abf5f3a658c9bba5f944fea3a79250b6fb2a
Size: 319KB
Sample: 210913-xptc2ahchq
MD5: 85c9727724a9c5cc6f7c17e25e3a254b
SHA1: 8ffcd959bf0e9e668d331e2305244d028cf22d4c
SHA256: bfbd2296b0eb8f2bf54cee282ae6abf5f3a658c9bba5f944fea3a79250b6fb2a
SHA512: 2647cfc8142f402a011c87eeb3b68912b852428dc0831a31b9ba3dcf0d54f02cca5f8d9df6e712846b8d822912b861128ebc3efb43db1bac317cff9293e5645c
Static task: static1
Malware Config
Extracted
redline
10fk
185.45.192.203:80
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.