General
Target: 87fd10878431964ffd4f264fdea1c229d9a36af2545c4c77ca2ccbe843f9b0d3
Size: 281KB
Sample: 210915-jhvqmadbgr
MD5: 67a5c73046a131f12f90aa1e998d3ce6
SHA1: 2c926ccb94e1d75fe1131cbf68f44e33dc46f9bc
SHA256: 87fd10878431964ffd4f264fdea1c229d9a36af2545c4c77ca2ccbe843f9b0d3
SHA512: 426bd841af2d8903f2134ff9767c82acb37934c9f75bf864f8da8a0c61df93551a35721b602e2758615c023461151dfcac8c1a36562d13da7290b505dde301b5

Static task: static1

Malware Config
Extracted: redline
PUB: 45.9.20.20:13441
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.