General

Target: dc40a6fca79ac22b6a42a842f96646d28b66d61bd04d98b31f5bc4ead14d0eb1
Size: 318KB
Sample: 210913-yaplzaecg8
MD5: b0ce59505635594210d031bd480c2548
SHA1: 2c51b42d7fe7afb92538f00199a56d396bbe5533
SHA256: dc40a6fca79ac22b6a42a842f96646d28b66d61bd04d98b31f5bc4ead14d0eb1
SHA512: d28bb73c250feb4fe90853e89c5037d1c2729a806c54ce8b1fa42cfd8e62f87f41f11394ff11cabfa830e5f3405ce063a77a585405f21474dd3f55521daaf705

Static task: static1

Malware Config

Extracted family: redline
Botnet: 10fk
C2: 185.45.192.203:80
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.