General
- Target: 5d63cf6e7e17508f2278186bd0f7adfde2ac0daa75dcd5f67660826d98223664
- Size: 318KB
- Sample: 210919-y4f7pacdh6
- MD5: 1b48d37147dbd053edfd8f0459cd571f
- SHA1: 7fa3e8c88c6b8721ab2fe3b5dd322cf954847560
- SHA256: 5d63cf6e7e17508f2278186bd0f7adfde2ac0daa75dcd5f67660826d98223664
- SHA512: cf55d189edc8f726c63572bc340f1fbfce78e9688ac90ac6fe7e92a9406e9709fea4deb60b95d8147bc722f4db3d9eeae4bb14144cf545e62deeb37cf500e3d4
Static task: static1

Malware Config
- Extracted: redline
- UDP: 45.9.20.20:13441
Targets
- Target: 5d63cf6e7e17508f2278186bd0f7adfde2ac0daa75dcd5f67660826d98223664 (318KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.