General

Target: 319bc85c37456c6d019954ed188e67101898019f101d24a0b22abb757ba7c02d
Size: 318KB
Sample: 210919-qed22aefgl
MD5: 302160df32351cbfdb25d7de735b0b78
SHA1: 45de3cd046ecaf384f22afb4c5cfe9650868e9f5
SHA256: 319bc85c37456c6d019954ed188e67101898019f101d24a0b22abb757ba7c02d
SHA512: 4665ceefe501f4a6d4e56cc21073182faeb7b52f57163afcbda28c2eb08992cc298b3a2103eb751f02539f7b7481fb221e6bbe1d8e39f9296d8e3f94e391cb12

Static task: static1

Malware Config

Extracted: redline
UDP: 45.9.20.20:13441

Targets

Target: 319bc85c37456c6d019954ed188e67101898019f101d24a0b22abb757ba7c02d
Size: 318KB
MD5: 302160df32351cbfdb25d7de735b0b78
SHA1: 45de3cd046ecaf384f22afb4c5cfe9650868e9f5
SHA256: 319bc85c37456c6d019954ed188e67101898019f101d24a0b22abb757ba7c02d
SHA512: 4665ceefe501f4a6d4e56cc21073182faeb7b52f57163afcbda28c2eb08992cc298b3a2103eb751f02539f7b7481fb221e6bbe1d8e39f9296d8e3f94e391cb12

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.