General
- Target: 114f53aedbefc65374162d5e79547ee4.exe
- Size: 317KB
- Sample: 210919-sdwlssegcl
- MD5: 114f53aedbefc65374162d5e79547ee4
- SHA1: dbe37f5ea6d2a22a40f8c3d4370939b049baf9e1
- SHA256: bc622f5729f264d9943fdbfda5bacb5f8654c7bbbeada1a58da252434dee4f1f
- SHA512: f5f2fdfc3873f02067f586bbc6f52be96ed19b15fcb585154becb3e9485e21cab423b3af3f6736f3c6c3320f9454b0709e99de2c10a618e96c25dd0552ac08b9
Static task: static1

Behavioral task: behavioral1
- Sample: 114f53aedbefc65374162d5e79547ee4.exe
- Resource: win7-en-20210916

Malware Config
- Extracted: redline
- UDP: 45.9.20.20:13441
Targets
- Target: 114f53aedbefc65374162d5e79547ee4.exe
- Size: 317KB
- MD5: 114f53aedbefc65374162d5e79547ee4
- SHA1: dbe37f5ea6d2a22a40f8c3d4370939b049baf9e1
- SHA256: bc622f5729f264d9943fdbfda5bacb5f8654c7bbbeada1a58da252434dee4f1f
- SHA512: f5f2fdfc3873f02067f586bbc6f52be96ed19b15fcb585154becb3e9485e21cab423b3af3f6736f3c6c3320f9454b0709e99de2c10a618e96c25dd0552ac08b9

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.