General
-
Target
6c1efbba9b5b181bec1a7d79b555bbe0da001f27327ab6cc02485ad3ec230a9c
-
Size
407KB
-
Sample
210914-rwekkafhb7
-
MD5
9726908b28f22c2c0851c6af3f1898b9
-
SHA1
eae765138dada9642a8f9ccc2cf76b07640dfe52
-
SHA256
6c1efbba9b5b181bec1a7d79b555bbe0da001f27327ab6cc02485ad3ec230a9c
-
SHA512
4d97c4730c4428d411229ed76412eddc9e0185c8ebc8871b211c8d286efbd5c45a3672e53971a2809e8deae6d63fc29e19edc214443c815fbed86e129b4eeb67
Static task
static1
Malware Config
Extracted
redline
10fk
185.45.192.203:80
Targets
-
-
Target
6c1efbba9b5b181bec1a7d79b555bbe0da001f27327ab6cc02485ad3ec230a9c
-
Size
407KB
-
MD5
9726908b28f22c2c0851c6af3f1898b9
-
SHA1
eae765138dada9642a8f9ccc2cf76b07640dfe52
-
SHA256
6c1efbba9b5b181bec1a7d79b555bbe0da001f27327ab6cc02485ad3ec230a9c
-
SHA512
4d97c4730c4428d411229ed76412eddc9e0185c8ebc8871b211c8d286efbd5c45a3672e53971a2809e8deae6d63fc29e19edc214443c815fbed86e129b4eeb67
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-