General
Target: 33bb7d8584f1353b048c0227977e9531a4125188a960babbc2a26307ca158275
Size: 318KB
Sample: 210919-s9ye9scbd4
MD5: 4a93f552d9a2747b134be963c4d1b044
SHA1: 7b96e56bc6b7df56ac4d0cda72dbc2d9be65f0e4
SHA256: 33bb7d8584f1353b048c0227977e9531a4125188a960babbc2a26307ca158275
SHA512: d10962a7c0027ca5dafda2e9ebc236b04284c4542f65e3cea9ec423b29012ed7fc111579e73f0b46d6e3be0ed020dc23c784c5f281abcf02071cfd904fdf1ab5

Static task
static1

Malware Config
Extracted: redline
UDP: 45.9.20.20:13441
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.