General

Target: 7651fd56ba556324f5ceaf86d3db124ac74e5355aa4606dc9d599044cd63c88a
Size: 371KB
Sample: 210914-ke5l4afda6
MD5: d761f572e4354f7c83a5e658d453dc1c
SHA1: 8ed74b5d6868e1bdcafd80264d0b4756be904c95
SHA256: 7651fd56ba556324f5ceaf86d3db124ac74e5355aa4606dc9d599044cd63c88a
SHA512: 42e977836d99b8fd843248102ce958b014d16c4cc14c29280c07450be56e3626ab638f94c12c9e7175625dcced9339870cb6b8b8c5d661b98d5aa259fd35b6a2

Static task: static1

Malware Config (extracted)

Family: redline
Botnet: 10fk
C2: 185.45.192.203:80

Targets

Target: 7651fd56ba556324f5ceaf86d3db124ac74e5355aa4606dc9d599044cd63c88a
Size: 371KB
MD5: d761f572e4354f7c83a5e658d453dc1c
SHA1: 8ed74b5d6868e1bdcafd80264d0b4756be904c95
SHA256: 7651fd56ba556324f5ceaf86d3db124ac74e5355aa4606dc9d599044cd63c88a
SHA512: 42e977836d99b8fd843248102ce958b014d16c4cc14c29280c07450be56e3626ab638f94c12c9e7175625dcced9339870cb6b8b8c5d661b98d5aa259fd35b6a2

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software installed on the system.