General
Target: 95f85810353e13ab8718a3bb180b085cf1a8f4613c5fd9458043374ef5806ea3
Size: 249KB
Sample: 210926-mxfrssefh5
MD5: cd8bc2df005dbc3b769081074ef85a23
SHA1: 89e7b3a72c7be91a6dfe955ddd6b97b4be3d95de
SHA256: 95f85810353e13ab8718a3bb180b085cf1a8f4613c5fd9458043374ef5806ea3
SHA512: f66d57e4cbe99c00cf2a5b317aa3e91ca94b6c58d7499b9849406341a83e83f838beb4048969beaeb76b0612bf7e33dca7829806a857f34dc8e5cf47c055b928
Static task: static1
Malware Config
Extracted: redline
UTS: 45.9.20.20:13441
Targets
Target: 95f85810353e13ab8718a3bb180b085cf1a8f4613c5fd9458043374ef5806ea3
Size: 249KB
MD5: cd8bc2df005dbc3b769081074ef85a23
SHA1: 89e7b3a72c7be91a6dfe955ddd6b97b4be3d95de
SHA256: 95f85810353e13ab8718a3bb180b085cf1a8f4613c5fd9458043374ef5806ea3
SHA512: f66d57e4cbe99c00cf2a5b317aa3e91ca94b6c58d7499b9849406341a83e83f838beb4048969beaeb76b0612bf7e33dca7829806a857f34dc8e5cf47c055b928
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.