General
-
Target
b1a669d65e7b71816391d6ba9dc45ecae35592c88fd5977fff37e247d1cbbb6a
-
Size
318KB
-
Sample
210920-ekm2cafdfk
-
MD5
6633b22ce7b8d409eb8182dedb23f7e5
-
SHA1
f7b8025329d2c2b751e19e8dbae75697562808e5
-
SHA256
b1a669d65e7b71816391d6ba9dc45ecae35592c88fd5977fff37e247d1cbbb6a
-
SHA512
39aa09296520dffad448529f8374a2e14c9c93c5459c232367df7040b0b1d4dadfc8a2f89f0493bb04b023e62e2319dd9b2a11cb17d9a220b057e50f2e690a1a
Static task
static1
Malware Config
Extracted
redline
UDP
45.9.20.20:13441
Targets
-
-
Target
b1a669d65e7b71816391d6ba9dc45ecae35592c88fd5977fff37e247d1cbbb6a
-
Size
318KB
-
MD5
6633b22ce7b8d409eb8182dedb23f7e5
-
SHA1
f7b8025329d2c2b751e19e8dbae75697562808e5
-
SHA256
b1a669d65e7b71816391d6ba9dc45ecae35592c88fd5977fff37e247d1cbbb6a
-
SHA512
39aa09296520dffad448529f8374a2e14c9c93c5459c232367df7040b0b1d4dadfc8a2f89f0493bb04b023e62e2319dd9b2a11cb17d9a220b057e50f2e690a1a
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-