General
-
Target
6d4ac5a11dcbd7eb2764a96162f19a716a8ae76320ed7f1a6863aab01d95c8a3
-
Size
239KB
-
Sample
210926-1xefmafcfn
-
MD5
cc6723e17ee342574edc7c19cb29d00a
-
SHA1
72830745071006df28dc6153a4dd19f368714a29
-
SHA256
6d4ac5a11dcbd7eb2764a96162f19a716a8ae76320ed7f1a6863aab01d95c8a3
-
SHA512
39537ecfe7a0b2a1449fb8441f6dfe15d91cd3670822738a00c14c6cd83257914fec8d73cb0d41b2a7e0c418559fa01b2fcb534676551ed716a8c0b064098ac9
Static task
static1
Malware Config
Extracted
redline
PUB
45.9.20.20:13441
Targets
-
-
Target
6d4ac5a11dcbd7eb2764a96162f19a716a8ae76320ed7f1a6863aab01d95c8a3
-
Size
239KB
-
MD5
cc6723e17ee342574edc7c19cb29d00a
-
SHA1
72830745071006df28dc6153a4dd19f368714a29
-
SHA256
6d4ac5a11dcbd7eb2764a96162f19a716a8ae76320ed7f1a6863aab01d95c8a3
-
SHA512
39537ecfe7a0b2a1449fb8441f6dfe15d91cd3670822738a00c14c6cd83257914fec8d73cb0d41b2a7e0c418559fa01b2fcb534676551ed716a8c0b064098ac9
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-