General
Target: a7ca4468df6c856b406431bbbb4b7ad887db3812329cd60bde260eabe164d11b
Size: 318KB
Sample: 210919-ydh9cscde8
MD5: c7d4611a6284253727382e0b19c74e6a
SHA1: 66913a97faf96b09c510db6d55cd5720d1a04e7c
SHA256: a7ca4468df6c856b406431bbbb4b7ad887db3812329cd60bde260eabe164d11b
SHA512: bd256840368a1cd0a0b9e0314db53cf44c41d0155461f3a1019339dd7c9d7c5654133c1e6e3d2887f115f96a6ac40f13a44e5bec88699f46e63f7bdeb6364cc8
Static task: static1

Malware Config
Extracted family: redline
UDP: 45.9.20.20:13441
Targets
Target: a7ca4468df6c856b406431bbbb4b7ad887db3812329cd60bde260eabe164d11b (the same 318KB sample listed under General; MD5, SHA1, SHA256 and SHA512 identical)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.