General
Target: 23bd2f52ef376af32c7483c780063d1d1fcbfc8f5dc7f21c78c90f5531375127
Size: 250KB
Sample: 210926-py935sehc5
MD5: 7c7f705a55b0605d3d0cff761f43ad9b
SHA1: f9d46de13937dfdd2ad71c53b36e7d338da58a2d
SHA256: 23bd2f52ef376af32c7483c780063d1d1fcbfc8f5dc7f21c78c90f5531375127
SHA512: 3fda6291523887ee5c1e0622a158550c0f6263675c47883fa996d89bd8fb0d99797d13ceaab7f77e5c3d43901dee0ac25dd6d04bd9cf8189550662b05234c3fe
Static task: static1

Malware Config
Extracted family: redline
Botnet: PUB
C2: 45.9.20.20:13441
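What an analyst does with a report like this is turn the file hashes and the extracted C2 into indicators and sweep logs for them. The Python below is an added example, not part of the sandbox report or of any tool it names. It parses the report's flattened "Key / Value" layout (a constructed copy of the General and Malware Config sections, using the page's own values), validates each digest by length and charset, cross-checks that the Target name equals the SHA256, validates the C2 ip:port, and then matches the C2 against a few constructed firewall log lines. The function names, the `Iocs` structure and the `dst=... dport=...` log format are assumptions for the example.

```python
import ipaddress
import re
from dataclasses import dataclass, field

# Constructed input: the report's General and Malware Config sections in the
# flattened "Key / Value" layout the page uses, with the page's own values.
REPORT_TEXT = """General
-
Target
23bd2f52ef376af32c7483c780063d1d1fcbfc8f5dc7f21c78c90f5531375127
-
Size
250KB
-
MD5
7c7f705a55b0605d3d0cff761f43ad9b
-
SHA1
f9d46de13937dfdd2ad71c53b36e7d338da58a2d
-
SHA256
23bd2f52ef376af32c7483c780063d1d1fcbfc8f5dc7f21c78c90f5531375127
-
SHA512
3fda6291523887ee5c1e0622a158550c0f6263675c47883fa996d89bd8fb0d99797d13ceaab7f77e5c3d43901dee0ac25dd6d04bd9cf8189550662b05234c3fe
Malware Config
Extracted
redline
PUB
45.9.20.20:13441
"""

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
C2_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})$")


@dataclass
class Iocs:  # assumed container for the example
    hashes: dict = field(default_factory=dict)    # algorithm -> lowercase hex digest
    family: str = ""
    c2: list = field(default_factory=list)        # (ip, port) pairs from the extracted config
    problems: list = field(default_factory=list)  # anything that failed validation


def parse_report(text: str) -> Iocs:
    """Walk the key/value lines; hash keys take the next line as their digest."""
    iocs = Iocs()
    lines = [l.strip() for l in text.splitlines()]
    lines = [l for l in lines if l and l != "-"]  # drop blanks and list-marker residue
    target = ""
    in_config = False
    for i, line in enumerate(lines):
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        if line == "Malware Config":
            in_config = True
        elif line == "Targets":
            in_config = False
        elif line == "Target":
            target = nxt.lower()
        elif line in HASH_LEN:
            if re.fullmatch(r"[0-9a-f]{%d}" % HASH_LEN[line], nxt.lower()):
                iocs.hashes[line] = nxt.lower()
            else:
                iocs.problems.append(f"{line}: malformed digest {nxt!r}")
        elif in_config and line == "Extracted":
            iocs.family = nxt  # the line after 'Extracted' names the family
        elif in_config:
            m = C2_RE.match(line)
            if not m:
                continue
            ip, port = m.group(1), int(m.group(2))
            try:
                ipaddress.ip_address(ip)  # rejects octets above 255
            except ValueError:
                iocs.problems.append(f"C2: bad address {line!r}")
                continue
            if 1 <= port <= 65535:
                iocs.c2.append((ip, port))
            else:
                iocs.problems.append(f"C2: bad port {line!r}")
    # The report names the target by its SHA256; a mismatch means the wrong file was pulled.
    if target and "SHA256" in iocs.hashes and target != iocs.hashes["SHA256"]:
        iocs.problems.append("Target does not match SHA256")
    return iocs


# Constructed firewall log lines (not from the page); the format is assumed.
LOG_LINES = [
    "2021-09-26T13:05:10Z fw allow src=10.0.0.15 dst=45.9.20.20 dport=13441 proto=tcp",
    "2021-09-26T13:05:11Z fw allow src=10.0.0.15 dst=142.250.74.78 dport=443 proto=tcp",
    "2021-09-26T13:06:00Z fw allow src=10.0.0.22 dst=45.9.20.20 dport=443 proto=tcp",
]
DST_RE = re.compile(r"dst=(\S+)\s+dport=(\d+)")


def match_c2(iocs: Iocs, log_lines) -> list:
    """Return (line, reason) for exact ip:port hits and for the C2 IP on another port."""
    exact = set(iocs.c2)
    ips = {ip for ip, _ in iocs.c2}
    hits = []
    for line in log_lines:
        m = DST_RE.search(line)
        if not m:
            continue
        ip, port = m.group(1), int(m.group(2))
        if (ip, port) in exact:
            hits.append((line, "c2 ip:port"))
        elif ip in ips:
            hits.append((line, "c2 ip, other port"))
    return hits


if __name__ == "__main__":
    report = parse_report(REPORT_TEXT)
    print(report.family, report.c2, report.hashes["SHA256"], report.problems)
    for line, why in match_c2(report, LOG_LINES):
        print(why, "->", line)
```

The IP-only match is kept as a separate, weaker signal: the port in an extracted RedLine config is operator-chosen and can change, while sandbox C2 infrastructure is short-lived and an address may later be reassigned, so an IP-only hit from an older report needs corroboration (process, timing, the hash on the host) before it is treated as an infection.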
Targets
Target: 23bd2f52ef376af32c7483c780063d1d1fcbfc8f5dc7f21c78c90f5531375127 (250KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.