General
-
Target
fba1a1f4b7d31f4b922b8e6ee5feea37875b835ef85cc4f956a7d481b841d1a5
-
Size
250KB
-
Sample
210926-phv92sehb4
-
MD5
110d5ef37b4a5bd7211e938006109162
-
SHA1
55ca3b5df37096c677112c94aee042c0788fa722
-
SHA256
fba1a1f4b7d31f4b922b8e6ee5feea37875b835ef85cc4f956a7d481b841d1a5
-
SHA512
3754c1fd58eafe981588982a5e47e601a04d9e618d08cca9060401ed4fe539809982b1e6ff7202f783c6b5aa83b7e1428951a471f0b4f84de80b06f23a966903
Static task
static1
Malware Config
Extracted
redline
UDP
45.9.20.20:13441
Targets
-
-
Target
fba1a1f4b7d31f4b922b8e6ee5feea37875b835ef85cc4f956a7d481b841d1a5
-
Size
250KB
-
MD5
110d5ef37b4a5bd7211e938006109162
-
SHA1
55ca3b5df37096c677112c94aee042c0788fa722
-
SHA256
fba1a1f4b7d31f4b922b8e6ee5feea37875b835ef85cc4f956a7d481b841d1a5
-
SHA512
3754c1fd58eafe981588982a5e47e601a04d9e618d08cca9060401ed4fe539809982b1e6ff7202f783c6b5aa83b7e1428951a471f0b4f84de80b06f23a966903
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-