General
Target: b2eb789d41eff9c6e71679c709c2dd955ee51e3748204e61811667c45a4241ec
Size: 371KB
Sample: 210914-nmnkbsffb2
MD5: 9cf9739c972a2c7961c916c72c43f345
SHA1: 117326fda9b3df2957b8753c80600c0e5e94494e
SHA256: b2eb789d41eff9c6e71679c709c2dd955ee51e3748204e61811667c45a4241ec
SHA512: 36c2a96a1eb6c9882392c319365cad7d775070974228f91bfc3bedac4c7fe1f07f9c432048979b3f08afd840df6ccddbba979f6e5e54fc9b47a60f0005317d1f
Static task: static1
Malware Config
Extracted: redline
10fk
185.45.192.203:80
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.