General
Target: a454c99eee18a224012fc3972f15fc7ad7053357bcbd28cc8a4858dd00cdbd9c
Size: 374KB
Sample: 210914-xnt8yagbe3
MD5: 147f5e4dbf8798750a51f3b4da661461
SHA1: 12921c2173ca28539e6b629197cdf58099812b31
SHA256: a454c99eee18a224012fc3972f15fc7ad7053357bcbd28cc8a4858dd00cdbd9c
SHA512: dd819d4c88e1326c979591071c0b4f6538cdadb8d2cd0fee9cad1dd3c3602d514ab172aba62efbc92e941065e417a17b25d632d8387fb5233214194210ec90ed
Static task: static1
Malware Config
Extracted
Family: redline
Botnet: 10fk
C2: 185.45.192.203:80
Targets
Target: a454c99eee18a224012fc3972f15fc7ad7053357bcbd28cc8a4858dd00cdbd9c (374KB; MD5, SHA1 and SHA512 as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up subkeys under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall in the registry to enumerate the software installed on the system.
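The two observables in this report that a defender can act on are the extracted C2 endpoint 185.45.192.203:80 (Malware Config section) and the Uninstall-key sweep flagged under "Checks installed software". The following is an added example, not part of the sandbox output, showing how both become detection logic over endpoint telemetry. The log records are constructed for the example and rendered as key=value text in the style of an EDR export; the field names (EventType, Image, ProcessId, TargetObject, DestinationIp, DestinationPort), the process names and the threshold are assumptions and need mapping onto whatever telemetry is actually available.

```python
"""Detection logic for the C2 endpoint and the Uninstall-key enumeration
reported for this RedLine sample. Added example; the records below are
constructed and the field names are assumptions, not a real EDR schema."""
import re
from collections import defaultdict

# Indicator from the report's "Malware Config" section (redline, botnet 10fk).
C2_IP = "185.45.192.203"
C2_PORT = "80"

# Key RedLine walks to inventory installed software; match the native and the
# WOW6432Node view and capture the per-product subkey name.
UNINSTALL_RE = re.compile(
    r"HKLM\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion"
    r"\\Uninstall\\([^\\]+)",
    re.IGNORECASE,
)

# A single Uninstall lookup is routine (installers, updaters); many distinct
# subkeys opened by one process in one trace is inventory enumeration.
# The threshold is an assumption to tune against your own baseline.
ENUM_THRESHOLD = 5

KV_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_kv(line):
    """Turn one 'k=v k="quoted v"' record into a dict of strings."""
    return {k: quoted or bare for k, quoted, bare in KV_RE.findall(line)}


def c2_connections(lines):
    """(image, pid) of every process that connected to the extracted C2 ip:port."""
    hits = []
    for ev in map(parse_kv, lines):
        if (ev.get("EventType") == "NetConnect"
                and ev.get("DestinationIp") == C2_IP
                and ev.get("DestinationPort") == C2_PORT):
            hits.append((ev["Image"], ev["ProcessId"]))
    return hits


def uninstall_enumerators(lines, threshold=ENUM_THRESHOLD):
    """{(image, pid): distinct Uninstall subkeys} for processes at or above threshold."""
    seen = defaultdict(set)
    for ev in map(parse_kv, lines):
        if ev.get("EventType") != "RegOpenKey":
            continue
        m = UNINSTALL_RE.search(ev.get("TargetObject", ""))
        if m:
            seen[(ev["Image"], ev["ProcessId"])].add(m.group(1).lower())
    return {proc: len(keys) for proc, keys in seen.items() if len(keys) >= threshold}


# --- constructed sample telemetry -------------------------------------------
SAMPLE = r"C:\Users\victim\AppData\Local\Temp\sample.exe"   # hypothetical path
SVCHOST = r"C:\Windows\System32\svchost.exe"
FIREFOX = r"C:\Program Files\Mozilla Firefox\firefox.exe"


def reg(image, pid, subkey, view=""):
    """Build a constructed RegOpenKey record for one Uninstall subkey."""
    return (f'EventType=RegOpenKey Image="{image}" ProcessId={pid} '
            f'TargetObject="HKLM\\SOFTWARE\\{view}Microsoft\\Windows\\CurrentVersion\\Uninstall\\{subkey}"')


def net(image, pid, ip, port):
    """Build a constructed NetConnect record."""
    return f'EventType=NetConnect Image="{image}" ProcessId={pid} DestinationIp={ip} DestinationPort={port}'


# One benign lookup by svchost, a sweep of six distinct subkeys (one repeated)
# by the sample, a beacon to the C2, and a benign connection to the same IP on
# another port that must not match.
SAMPLE_LOG = [
    reg(SVCHOST, 912, "{AC76BA86-7AD7-1033-7B44-AC0F074E4100}"),
    reg(SAMPLE, 4412, "7-Zip"),
    reg(SAMPLE, 4412, "Google Chrome"),
    reg(SAMPLE, 4412, "{90160000-008C-0000-1000-0000000FF1CE}"),
    reg(SAMPLE, 4412, "Notepad++", view="WOW6432Node\\"),
    reg(SAMPLE, 4412, "VLC media player"),
    reg(SAMPLE, 4412, "7-Zip"),
    reg(SAMPLE, 4412, "Mozilla Firefox 92.0 (x64 en-US)"),
    net(SAMPLE, 4412, C2_IP, 80),
    net(FIREFOX, 2200, C2_IP, 443),
]

if __name__ == "__main__":
    for proc in c2_connections(SAMPLE_LOG):
        print("C2 beacon to %s:%s from %s (pid %s)" % (C2_IP, C2_PORT, *proc))
    for proc, n in uninstall_enumerators(SAMPLE_LOG).items():
        print("Uninstall-key enumeration: %d distinct subkeys from %s (pid %s)" % (n, *proc))
```

The C2 match is exact on ip:port because the report extracts both; a connection to the same address on a different port is left alone so that a shared hosting IP does not page on every neighbour. The registry rule counts distinct subkeys per process rather than raw event volume, since a legitimate updater may touch its own subkey several times but has no reason to read dozens of other products' entries.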