General
-
Target
247fd6cd86203cf2f4a620dd168ee32c3c24158cde58d7d9f2fe7923e679501c
-
Size
318KB
-
Sample
210920-d77htsfddp
-
MD5
eb31866a4cf8ed3b31794cde78574647
-
SHA1
6de07932b04665e9551ec02bb6c1965095a28c0e
-
SHA256
247fd6cd86203cf2f4a620dd168ee32c3c24158cde58d7d9f2fe7923e679501c
-
SHA512
23828ca6c9eba47b3d26dbccaa297cbf6d09e94c6883e1eef27de284b9ea03fd04112d8ee65374db90ff198e63be121b75dc57b3e857bd5f1ab0ca1e676d5e8c
Static task
static1
Malware Config
Extracted
redline
UDP
45.9.20.20:13441
Targets
-
-
Target
247fd6cd86203cf2f4a620dd168ee32c3c24158cde58d7d9f2fe7923e679501c
-
Size
318KB
-
MD5
eb31866a4cf8ed3b31794cde78574647
-
SHA1
6de07932b04665e9551ec02bb6c1965095a28c0e
-
SHA256
247fd6cd86203cf2f4a620dd168ee32c3c24158cde58d7d9f2fe7923e679501c
-
SHA512
23828ca6c9eba47b3d26dbccaa297cbf6d09e94c6883e1eef27de284b9ea03fd04112d8ee65374db90ff198e63be121b75dc57b3e857bd5f1ab0ca1e676d5e8c
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-