General
- Target: b6a6c9978ed365583d452a7ae13b2ad992bf61093dbe249a5ddbb35d75b2433f
- Size: 371KB
- Sample: 210914-gqbxdaaahn
- MD5: 9d8123347e8a40e913eaafe295420fbe
- SHA1: 27135c12b82757683393d09d6a9555d12c1421f8
- SHA256: b6a6c9978ed365583d452a7ae13b2ad992bf61093dbe249a5ddbb35d75b2433f
- SHA512: 0f4b5d71568125bae3102d63eeb701b8e7d15ae315f07b970ecc9cd9a0d61945ed1241e56f171b573447aa24125170712221af65ed904f7ab42e9b8116adcdb4
Static task: static1
Malware Config
Extracted
- redline
- 10fk
- 185.45.192.203:80
Targets
- Target: b6a6c9978ed365583d452a7ae13b2ad992bf61093dbe249a5ddbb35d75b2433f
- Size: 371KB
- MD5: 9d8123347e8a40e913eaafe295420fbe
- SHA1: 27135c12b82757683393d09d6a9555d12c1421f8
- SHA256: b6a6c9978ed365583d452a7ae13b2ad992bf61093dbe249a5ddbb35d75b2433f
- SHA512: 0f4b5d71568125bae3102d63eeb701b8e7d15ae315f07b970ecc9cd9a0d61945ed1241e56f171b573447aa24125170712221af65ed904f7ab42e9b8116adcdb4
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.