General
Target: 44d2a8de740beee4179d2175c57f03b677b6c67d14c8e0b086fb2f163641b2de
Size: 370KB
Sample: 210914-mkh2dsfeg4
MD5: 080cfea007d32b0e91f49c7aed57a685
SHA1: c635c71fe0ad585a5e8bb91668453b65eec3182e
SHA256: 44d2a8de740beee4179d2175c57f03b677b6c67d14c8e0b086fb2f163641b2de
SHA512: bdb5fb5247b367cd266888a465645074a34f3ff536a60d9a136c67298c2e950fec2bc0e959dc5eb455379d175dd78797d944715b1539e66203908d040bd9ebe2
Static task: static1
Malware Config
Extracted: redline, 10fk
C2: 185.45.192.203:80
Targets
Target: 44d2a8de740beee4179d2175c57f03b677b6c67d14c8e0b086fb2f163641b2de
Size: 370KB
MD5: 080cfea007d32b0e91f49c7aed57a685
SHA1: c635c71fe0ad585a5e8bb91668453b65eec3182e
SHA256: 44d2a8de740beee4179d2175c57f03b677b6c67d14c8e0b086fb2f163641b2de
SHA512: bdb5fb5247b367cd266888a465645074a34f3ff536a60d9a136c67298c2e950fec2bc0e959dc5eb455379d175dd78797d944715b1539e66203908d040bd9ebe2
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.