General
Target: cec85b96bff70ce97cd617c02f61ba7a51066e29973200fb66ce56ad4a8462ec
Size: 317KB
Sample: 210919-r7k7gsegbp
MD5: 3d2efc44642922d224c3856d69822a4d
SHA1: acc34102a181dfbee7a037091a9ef5ab0b7cd827
SHA256: cec85b96bff70ce97cd617c02f61ba7a51066e29973200fb66ce56ad4a8462ec
SHA512: 474f0d82e3a71f828cddc6fa107e090a4237a28af246a217d27eaa96d6c98c666a2f139a9eb5f6517147dfd590f2109125d85df308169db54df8630c9be14c48
Static task: static1

Malware Config
Extracted: redline
UDP: 45.9.20.20:13441
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.