General
Target: c5279e5f3583a76349035515a88f609304f6f86c0ea3d343a5afd0f92ea54003
Size: 318KB
Sample: 210920-bjcx7sfcdp
MD5: d8d55293d5cef122f6ecef518e58dc26
SHA1: bc883b635a8301c57fc7ea32bfcc832bacda70fc
SHA256: c5279e5f3583a76349035515a88f609304f6f86c0ea3d343a5afd0f92ea54003
SHA512: c5fff52f2b443efb740514638a10b34f480303448098f67e2cb9582b29fc129a7d52f81ef2b187868e762b45cf319fe75118ab0a2bcfd6dce70bb9bc3afb7029
Static task: static1
Malware Config
Extracted: redline
UDP: 45.9.20.20:13441
Targets
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.