General
- Target: 0dee0efbcc49fc2ca3990e33ad69a4b50ff31c9cddf0b2f3060440eb61d6e4bb
- Size: 359KB
- Sample: 210914-sfbz6sahdn
- MD5: 753d5ecaa6fb3585d827d287d890e9a6
- SHA1: 2b1a2210ca1df4e2218ba8e39308cb8fb59f69b6
- SHA256: 0dee0efbcc49fc2ca3990e33ad69a4b50ff31c9cddf0b2f3060440eb61d6e4bb
- SHA512: 9d2932cc7bdf2861cd364ecf98306b3a8a86927d1d7b5f8ad1fa698d5a804e3b248bec022486c50f747096e6ad057f22e16de6240616ef16e8db3ca0950b0950
Static task
- static1
Malware Config
Extracted
- redline
- 10fk
- 185.45.192.203:80
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.