General
Target: 6baa813d3f7de346cdcf53fd9e58e995dc8abb980c45a6ee49b36852dc562c72
Size: 239KB
Sample: 210926-2e8r7afdd9
MD5: 0d40ceb2c9b660f219d66e0d0a2320c1
SHA1: 70919bfee02e69a6d94939a647cb48d785140324
SHA256: 6baa813d3f7de346cdcf53fd9e58e995dc8abb980c45a6ee49b36852dc562c72
SHA512: 3bf2a96b311f3243e1a565a8fdb4e49f3bfd7053574ad043b133bd96c378733c196223da67cdb0f4456f37efadbaa19c14ca4a8e43bf2d185a788f5fb4363e02
Static task: static1

Malware Config
Extracted family: redline
C2 (UDP): 45.9.20.20:13441
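A minimal sweep for the indicators extracted above (the C2 endpoint and the file hashes) over host telemetry. This is an added example, not code from the report or from the sandbox that produced it. The log lines are constructed for the example and their space-separated key=value layout is an assumption, not any product's real format; the match on the C2 host is deliberately transport-agnostic and also reports host-only hits, because the port and protocol can change between builds while the host is reused.

```python
"""IOC sweep for the indicators in this report (added example, not part of the report)."""
import re
from dataclasses import dataclass

# Indicators taken from the report above.
C2_HOST = "45.9.20.20"
C2_PORT = 13441
SAMPLE_HASHES = {
    "md5": "0d40ceb2c9b660f219d66e0d0a2320c1",
    "sha1": "70919bfee02e69a6d94939a647cb48d785140324",
    "sha256": "6baa813d3f7de346cdcf53fd9e58e995dc8abb980c45a6ee49b36852dc562c72",
}

# Constructed log lines in an assumed key=value format (not a real product's schema).
SAMPLE_LOGS = [
    'ts=2021-09-26T14:02:11Z type=netconn proto=tcp src_ip=10.0.0.15 dst_ip=45.9.20.20 dst_port=13441 pid=4120',
    'ts=2021-09-26T14:02:12Z type=netconn proto=udp src_ip=10.0.0.15 dst_ip=8.8.8.8 dst_port=53 pid=4120',
    'ts=2021-09-26T14:02:13Z type=netconn proto=tcp src_ip=10.0.0.22 dst_ip=45.9.20.20 dst_port=443 pid=880',
    'ts=2021-09-26T14:01:58Z type=filewrite path="C:\\Users\\alice\\Downloads\\setup.exe" sha256=6BAA813D3F7DE346CDCF53FD9E58E995DC8ABB980C45A6EE49B36852DC562C72',
    'ts=2021-09-26T14:01:59Z type=filewrite path="C:\\Windows\\System32\\notepad.exe" md5=d41d8cd98f00b204e9800998ecf8427e',
]


@dataclass(frozen=True)
class Hit:
    kind: str      # "c2" or "hash"
    line_no: int   # 1-based index into the scanned lines
    detail: str


_KV = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_kv(line):
    """Parse key=value pairs; quoted values keep their inner text."""
    return {k: v.strip('"') for k, v in _KV.findall(line)}


def sweep(lines):
    """Return a Hit for every line that touches the C2 host or carries a known hash."""
    hits = []
    for n, line in enumerate(lines, 1):
        ev = parse_kv(line)
        # Network events: match the peer host on any transport, then grade by port.
        dst = ev.get("dst_ip")
        if dst == C2_HOST:
            port = ev.get("dst_port")
            exact = port is not None and int(port) == C2_PORT
            grade = "port match" if exact else "host only"
            hits.append(Hit("c2", n, f"{ev.get('proto', '?')} to {dst}:{port} ({grade})"))
        # File events: compare whichever hash algorithm the event carries, case-insensitively.
        for alg, known in SAMPLE_HASHES.items():
            if ev.get(alg, "").lower() == known:
                hits.append(Hit("hash", n, f"{alg} of {ev.get('path', '?')}"))
                break
    return hits


if __name__ == "__main__":
    for hit in sweep(SAMPLE_LOGS):
        print(hit)
```

Against the constructed lines this reports the TCP connection to 45.9.20.20:13441 as a port match, the connection to the same host on 443 as host-only, and the written file whose SHA256 equals the sample's (hash case differs, so the comparison is lower-cased); the DNS query and the unrelated MD5 produce nothing.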
Targets
Target: 6baa813d3f7de346cdcf53fd9e58e995dc8abb980c45a6ee49b36852dc562c72
Size: 239KB
MD5: 0d40ceb2c9b660f219d66e0d0a2320c1
SHA1: 70919bfee02e69a6d94939a647cb48d785140324
SHA256: 6baa813d3f7de346cdcf53fd9e58e995dc8abb980c45a6ee49b36852dc562c72
SHA512: 3bf2a96b311f3243e1a565a8fdb4e49f3bfd7053574ad043b133bd96c378733c196223da67cdb0f4456f37efadbaa19c14ca4a8e43bf2d185a788f5fb4363e02
Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, and the WOW6432Node path on 64-bit systems) to enumerate software on the system.
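Detection logic for the last behaviour above, a process walking the Uninstall subkeys to inventory installed software. This is an added example, not code from the report or the sandbox. The events are constructed, in an assumed dict shape (ts, pid, image, op, key) that stands in for a sandbox API trace; the allowlist entry is a hypothetical inventory agent. A process is flagged when it opens or queries at least min_subkeys distinct product subkeys under an Uninstall root within a short window.

```python
"""Flag processes that enumerate the registry Uninstall keys (added example, not part of the report)."""
from collections import defaultdict
from datetime import datetime, timedelta

UNINSTALL_ROOTS = (
    r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
)

# Assumed allowlist of legitimate software-inventory tooling (hypothetical path).
ALLOWLIST = {r"c:\program files\inventory\agent.exe"}

# Registry operations that read keys; names are assumed, adapt to your trace format.
READ_OPS = ("RegOpenKey", "RegEnumKey", "RegQueryValue")


def uninstall_subkey(key):
    """Return the first path component below an Uninstall root (the product subkey), or None."""
    k = key.rstrip("\\")
    for root in UNINSTALL_ROOTS:
        if k.lower().startswith(root.lower() + "\\"):
            rest = k[len(root) + 1:]
            return rest.split("\\", 1)[0]
    return None


def detect(events, min_subkeys=5, window=timedelta(seconds=10)):
    """Return {(pid, image): distinct_subkeys} for processes that read at least
    min_subkeys distinct Uninstall product subkeys inside any `window` of time."""
    per_proc = defaultdict(list)  # (pid, image) -> [(timestamp, subkey)]
    for ev in events:
        if ev["op"] not in READ_OPS:
            continue
        sub = uninstall_subkey(ev["key"])
        if sub is None:  # not under an Uninstall root, or the root itself
            continue
        per_proc[(ev["pid"], ev["image"])].append((datetime.fromisoformat(ev["ts"]), sub))

    findings = {}
    for proc, items in per_proc.items():
        if proc[1].lower() in ALLOWLIST:
            continue
        items.sort()
        lo, best = 0, 0
        for hi in range(len(items)):  # sliding window over time-ordered accesses
            while items[hi][0] - items[lo][0] > window:
                lo += 1
            best = max(best, len({s for _, s in items[lo:hi + 1]}))
        if best >= min_subkeys:
            findings[proc] = best
    return findings


# Constructed events: a stealer-like process, explorer.exe, and an allowlisted inventory agent.
def _ev(ts, pid, image, op, key):
    return {"ts": ts, "pid": pid, "image": image, "op": op, "key": key}


STEALER = r"c:\users\alice\appdata\local\temp\setup.exe"
AGENT = r"c:\program files\inventory\agent.exe"
ROOT, ROOT32 = UNINSTALL_ROOTS[0], UNINSTALL_ROOTS[1]

SAMPLE_EVENTS = (
    [_ev("2021-09-26T14:02:00", 4120, STEALER, "RegOpenKey", ROOT)]
    + [_ev(f"2021-09-26T14:02:{i:02d}", 4120, STEALER, "RegOpenKey", rf"{ROOT}\Product{i}") for i in range(1, 5)]
    + [
        _ev("2021-09-26T14:02:05", 4120, STEALER, "RegQueryValue", rf"{ROOT32}\Product5\DisplayName"),
        _ev("2021-09-26T14:02:05", 4120, STEALER, "RegQueryValue", rf"{ROOT32}\Product6\DisplayName"),
        _ev("2021-09-26T14:02:06", 4120, STEALER, "RegQueryValue", rf"{ROOT32}\Product6\DisplayVersion"),
        _ev("2021-09-26T14:02:07", 880, r"c:\windows\explorer.exe", "RegOpenKey", rf"{ROOT}\Product1"),
    ]
    + [_ev(f"2021-09-26T14:03:{i:02d}", 2200, AGENT, "RegOpenKey", rf"{ROOT}\Product{i}") for i in range(8)]
)

if __name__ == "__main__":
    for (pid, image), n in detect(SAMPLE_EVENTS).items():
        print(f"pid {pid} {image}: {n} distinct Uninstall subkeys")
```

Two caveats worth keeping in mind. Sysmon's registry events cover key creation, deletion, value writes and renames, not reads, so this enumeration is only visible in a source that records opens and queries: a sandbox API trace, as in this report, or object-access auditing with a SACL placed on the Uninstall keys. And the behaviour itself is exactly what legitimate inventory and update agents do, which is why the example counts distinct subkeys per process and excludes an allowlist rather than alerting on any single access.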