General
- Target: bcf96d944dd395fe72da5e2bee8ff42ee0a54100c2f602ebf4d0a591ecdec5a0
- Size: 249KB
- Sample: 210926-ns6cbsefer
- MD5: a4b1daeb1644e2450a94d1aaf21c5818
- SHA1: 21c56b14ca0dcfd9f1061a020a3acc4ad9d7a33c
- SHA256: bcf96d944dd395fe72da5e2bee8ff42ee0a54100c2f602ebf4d0a591ecdec5a0
- SHA512: f9f12e0e92b5a9d7266f5364ead095d18040ea2c70cc900d78db67b747e0f9e946b53bb066ead125bb2182c436cfc10736f532948c8792dcf3cf23fce735289a

Static task
- static1

Malware Config
- Extracted: redline
- PUB
- 45.9.20.20:13441
Targets
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.