General
Target: aa2b01fe5fce1feeb75eed6288935582c1d8f27106d5a2574a905b1a21128b4f
Size: 318KB
Sample: 210920-atghpsfccl
MD5: 764e9d22b3f61849850795545424dad4
SHA1: 766874bd4e8b547aef57c7785054e39f36a0d389
SHA256: aa2b01fe5fce1feeb75eed6288935582c1d8f27106d5a2574a905b1a21128b4f
SHA512: 165b8b6d3f854a372ecbf6b5277435e6c36e08e1f94345c8380cbb92be7ca8abd1558b58cf6e3b8f25bc697af8e7b522968a4e7d14a91d75287c8f2e116befbd
Static task: static1

Malware Config
Extracted: redline
UDP: 45.9.20.20:13441
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.