General
- Target: 64d4e4e9210c40e8757f2fe4215e76c1329e90d8fb81e795ea6b850a1e39d639
- Size: 317KB
- Sample: 210919-mwjr3abhe6
- MD5: c9e3398c093173c8dd10cd290a4d5119
- SHA1: 98197b039fc409ba387a7826ee811ba4f3c8f691
- SHA256: 64d4e4e9210c40e8757f2fe4215e76c1329e90d8fb81e795ea6b850a1e39d639
- SHA512: 39566ea893828b5c725444703b694222a32790c9fffe93d2ecd1598a0dd89fa9d1e0ec3a81b8b9578c628687d78ae0ffb9b55154f823d1779eaf56c405f88881
Static task: static1

Malware Config
- Extracted: redline
- UDP: 45.9.20.20:13441
Targets
- Target: 64d4e4e9210c40e8757f2fe4215e76c1329e90d8fb81e795ea6b850a1e39d639 (317KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.