General

Target: 01763d36f044860572880f17b39e99b03738923757f3e3d4e8b017174a0788f7
Size: 282KB
Sample: 210915-jqjckaabc8
MD5: bfae0184ecf89840977c84442734553d
SHA1: ac04d639969bf66825248eb3ce54529eece492dd
SHA256: 01763d36f044860572880f17b39e99b03738923757f3e3d4e8b017174a0788f7
SHA512: 5fb09245f5d05cc03bccb0213fda66061226021c4f97253171316120780eb3758296935979965fae8a16766aa5d6d176e52d02bb769699dc41d461c7319b1ce6
Static task: static1

Malware Config (extracted)

Family: redline
Botnet: UTS
C2: 45.9.20.20:13441
Targets

Target: 01763d36f044860572880f17b39e99b03738923757f3e3d4e8b017174a0788f7 (282KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, plus its WOW6432Node counterpart on 64-bit systems) to enumerate software on the system.
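The three behaviours listed above, turned into a toy detector as an added example (this is not Triage's signature code): it parses constructed `<pid> <op> <target>` event lines and flags a process that opens three or more distinct Uninstall subkeys (a single lookup is normal for installers and updaters, so one hit is deliberately not enough), a file read under a common wallet directory, and a connection to the extracted C2 45.9.20.20:13441. The event format, the sample events, the wallet directory names and the threshold are assumptions; only the C2 address and the Uninstall-key behaviour come from the report.

```python
"""Toy behavioural matcher for the RedLine observations in the report above.

Added example, not the sandbox's own signature logic. The event format and the
sample events are constructed; only REDLINE_C2 and the Uninstall-key behaviour
are taken from the report.
"""
import re
from collections import defaultdict

# Extracted config from the report: the one real indicator in this file.
REDLINE_C2 = ("45.9.20.20", 13441)

# Uninstall key under HKLM, including the WOW6432Node view on 64-bit Windows.
UNINSTALL_KEY_RE = re.compile(
    r"^HK(?:LM|EY_LOCAL_MACHINE)\\SOFTWARE\\(?:WOW6432Node\\)?"
    r"Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)$",
    re.IGNORECASE,
)

# Wallet directories commonly targeted by stealers (assumption, not from the report).
WALLET_PATH_RE = re.compile(
    r"\\(?:Electrum|Exodus|Ethereum|Armory|Coinomi|Jaxx|Atomic|Bitcoin)\\",
    re.IGNORECASE,
)

# Constructed sample events: "<pid> <op> <target>". pid 4120 behaves like the
# sample; pid 1188 is a benign process that checks one Uninstall entry.
SAMPLE_EVENTS = r"""
4120 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
4120 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
4120 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180101F0}
4120 RegOpenKey HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++
4120 FileRead C:\Users\user\AppData\Roaming\Electrum\wallets\default_wallet
4120 FileRead C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\seed.seco
4120 NetConnect 45.9.20.20:13441
1188 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
1188 NetConnect 13.107.42.14:443
"""


def parse_events(text):
    """Parse '<pid> <op> <target>' lines; the target may contain spaces."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        pid, op, target = line.split(maxsplit=2)
        events.append((int(pid), op, target))
    return events


def match_signatures(events, min_uninstall_entries=3):
    """Return {pid: set of signature names} for processes showing the behaviours.

    software_enumeration: opened >= min_uninstall_entries distinct Uninstall subkeys
    wallet_access:        read a file under a known wallet directory
    c2_connect:           connected to the extracted RedLine C2
    """
    uninstall_keys = defaultdict(set)
    hits = defaultdict(set)
    for pid, op, target in events:
        if op == "RegOpenKey":
            m = UNINSTALL_KEY_RE.match(target)
            if m:
                uninstall_keys[pid].add(m.group(1).lower())
        elif op == "FileRead" and WALLET_PATH_RE.search(target):
            hits[pid].add("wallet_access")
        elif op == "NetConnect":
            host, _, port = target.rpartition(":")
            if port.isdigit() and (host, int(port)) == REDLINE_C2:
                hits[pid].add("c2_connect")
    # Only a burst of distinct subkeys counts as enumeration.
    for pid, keys in uninstall_keys.items():
        if len(keys) >= min_uninstall_entries:
            hits[pid].add("software_enumeration")
    return dict(hits)


def triage(text=SAMPLE_EVENTS, **kwargs):
    """Convenience wrapper: parse the events and match them in one call."""
    return match_signatures(parse_events(text), **kwargs)


if __name__ == "__main__":
    for pid, sigs in sorted(triage().items()):
        print(pid, sorted(sigs))
```

Lowering `min_uninstall_entries` to 1 makes the benign process fire too, which is the tuning trade-off any Uninstall-key rule has to make: the key is read legitimately all the time, so the signal is the breadth of the enumeration, not the access itself.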