General
Target: fd9d8d1de7a566e60479fa781b6bae0707bf8fa538004ac2b6de2f447b6d40a8
Size: 318KB
Sample: 210919-3g43fsfbhp
MD5: 7adeb7b9a3dbc0de7fdb92c72bdb0745
SHA1: 74ecf001b84dc5c10e310a7595ac86e79aa1899f
SHA256: fd9d8d1de7a566e60479fa781b6bae0707bf8fa538004ac2b6de2f447b6d40a8
SHA512: 9de7114851e18d1148d6c482f5128e88afc3b324df1309455eb483c79f82d6e218aa57261cceeea6938d8954fa57119a16ccfdac6740a73c1c9f4676d92a4c9a
Static task: static1
Malware Config
Extracted family: redline
C2: 45.9.20.20:13441 (UDP, as reported)
Targets
Target: fd9d8d1de7a566e60479fa781b6bae0707bf8fa538004ac2b6de2f447b6d40a8 (318KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Enumerates the entries under the registry Uninstall key (Software\Microsoft\Windows\CurrentVersion\Uninstall, including the Wow6432Node view) to build an inventory of installed software.
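The indicators in this report are only useful once they are turned into checks. The script below is an added example, not part of the sandbox report or of any RedLine tooling: it verifies a file against all four listed digests, finds flows to the extracted C2 endpoint in Zeek conn.log-style lines, and flags the Uninstall-key enumeration behind the "Checks installed software" signature in a sandbox API trace. The hashes, the C2 endpoint and the registry path are taken from the report; the conn.log lines, the API-trace events, the API names used for open/enumerate and the function names are constructed for the demo. The C2 match is on host and port only, so it fires whatever transport the log records.

```python
# Added example for triaging the report above; it is not part of the sandbox
# report or of any RedLine tooling. The hashes, C2 endpoint and registry path
# come from the report; every log line and API-trace event below is constructed.
import hashlib
import re

# File identifiers copied from the report.
REPORT_HASHES = {
    "md5": "7adeb7b9a3dbc0de7fdb92c72bdb0745",
    "sha1": "74ecf001b84dc5c10e310a7595ac86e79aa1899f",
    "sha256": "fd9d8d1de7a566e60479fa781b6bae0707bf8fa538004ac2b6de2f447b6d40a8",
    "sha512": "9de7114851e18d1148d6c482f5128e88afc3b324df1309455eb483c79f82d6e2"
              "18aa57261cceeea6938d8954fa57119a16ccfdac6740a73c1c9f4676d92a4c9a",
}
# Extracted C2 endpoint. Hunt on host:port only; the transport seen in the
# log is reported back but never used as a filter.
C2_HOST, C2_PORT = "45.9.20.20", "13441"

# Registry path behind the "Checks installed software" signature, in either
# the native or the WOW6432Node view and under any hive.
UNINSTALL_KEY_RE = re.compile(
    r"\\Software\\(?:Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall(?:\\|$)",
    re.IGNORECASE,
)
# Assumed API names as they appear in a typical sandbox API trace.
REG_OPEN_APIS = {"RegOpenKeyExW", "RegOpenKeyExA", "NtOpenKey"}
REG_ENUM_APIS = {"RegEnumKeyExW", "RegEnumKeyExA", "NtEnumerateKey"}


def digest_bytes(data: bytes) -> dict:
    """Compute the same four digests the report lists, for a file's bytes."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORT_HASHES}


def is_reported_sample(data: bytes) -> bool:
    """True only if every digest matches; MD5 or SHA1 alone is not trusted."""
    return digest_bytes(data) == REPORT_HASHES


def find_c2_connections(conn_lines) -> list:
    """Scan Zeek conn.log-style TSV lines (ts uid src sport dst dport proto ...)
    and return (ts, src, proto) for every flow to the extracted C2 endpoint."""
    hits = []
    for line in conn_lines:
        if not line.strip() or line.startswith("#"):
            continue  # skip blank lines and Zeek header/metadata lines
        fields = line.rstrip("\n").split("\t")
        if len(fields) < 7:
            continue  # malformed record: not enough columns to judge
        ts, _uid, src, _sport, dst, dport, proto = fields[:7]
        if dst == C2_HOST and dport == C2_PORT:
            hits.append((ts, src, proto))
    return hits


def enumerates_installed_software(api_events) -> bool:
    """api_events: iterable of (api_name, key_path) from a sandbox API trace.
    Flag the signature only when the Uninstall key is both opened and its
    subkeys enumerated; a lone open of that key is too common to act on."""
    opened = enumerated = False
    for api, path in api_events:
        if not UNINSTALL_KEY_RE.search(path):
            continue
        opened = opened or api in REG_OPEN_APIS
        enumerated = enumerated or api in REG_ENUM_APIS
    return opened and enumerated


# Constructed sample data (not taken from the report).
SAMPLE_CONN_LOG = [
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1632000000.000000\tCabc1\t10.0.0.5\t49812\t45.9.20.20\t13441\tudp",
    "1632000001.000000\tCabc2\t10.0.0.5\t49813\t93.184.216.34\t443\ttcp",
    "1632000002.000000\tCabc3\t10.0.0.9\t49814\t45.9.20.20\t80\ttcp",
]
SAMPLE_API_TRACE = [
    ("RegOpenKeyExW", r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall"),
    ("RegEnumKeyExW", r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall"),
    ("RegOpenKeyExW", r"HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall"),
    ("RegEnumKeyExW", r"HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall"),
    ("RegOpenKeyExW", r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"),
]

if __name__ == "__main__":
    print("C2 flows:", find_c2_connections(SAMPLE_CONN_LOG))
    print("Uninstall-key enumeration:", enumerates_installed_software(SAMPLE_API_TRACE))
    print("Empty file is the reported sample?", is_reported_sample(b""))
```

Only the flow to 45.9.20.20 on port 13441 is reported; the second flow to the same host on port 80 is deliberately left out so that a hunt on the C2 host alone can be made a separate, broader decision. The registry check requires both an open and an enumerate on the Uninstall key because installers and inventory agents open that key routinely, while walking all of its subkeys is the behaviour the signature describes.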