General
-
Target
4b4caac9b37e2081b2b5e33de0214c226ef3ab957e7bee1255b81c34d59fea33
-
Size
250KB
-
Sample
210926-ql4w2aehe4
-
MD5
2e9226c77d8d80677d35a48bc1d5bf19
-
SHA1
b8dc5fb61fd1bc2e599dba3f1b37249d271e896f
-
SHA256
4b4caac9b37e2081b2b5e33de0214c226ef3ab957e7bee1255b81c34d59fea33
-
SHA512
b0864787f90260be96c1a4a4f3bff0a5625fd17da9ae7af9c21485ec39b99c7357db145a093de56e8005d39a058ee8c0498b3fa891b441af6eaa25bbf3c1dfd7
Static task
static1
Malware Config
Extracted
redline
UTS
45.9.20.20:13441
Targets
-
Target
4b4caac9b37e2081b2b5e33de0214c226ef3ab957e7bee1255b81c34d59fea33
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency wallet files; possible credential harvesting
-
Checks installed software on the system
Enumerates installed software by reading the Uninstall key entries in the registry.
-
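The indicators this report gives (the extracted C2 endpoint, the file hashes, and the Uninstall-key enumeration behaviour) can be turned directly into checks. The script below is an added example written for this page, not code from the Triage report or from the RedLine sample: it matches the C2 against constructed flow records, flags registry read/enumerate calls against the Uninstall key, and verifies a file against the report's SHA256. The event record shapes and the registry hive/WOW6432Node path variants are assumptions made for the example; the report itself only names the key.

```python
# Added example: check sandbox-style event records against the indicators in
# this report. Editor's code, not part of the Triage report or of the RedLine
# sample; the event formats and sample events below are constructed.
import hashlib
import re

# Indicators taken from the report above.
C2_HOST = "45.9.20.20"
C2_PORT = 13441
SAMPLE_SHA256 = "4b4caac9b37e2081b2b5e33de0214c226ef3ab957e7bee1255b81c34d59fea33"

# Registry paths behind the "Checks installed software" behaviour. These are
# the standard locations of the Uninstall key (an assumption: the report names
# the key but not its hive or the WOW6432Node variant).
UNINSTALL_KEY_RE = re.compile(
    r"^HK(?:LM|CU|EY_LOCAL_MACHINE|EY_CURRENT_USER)\\"
    r"SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall(?:\\|$)",
    re.IGNORECASE,
)


def sha256_hex(data: bytes) -> str:
    """SHA-256 of a byte string as lowercase hex, the form the report lists."""
    return hashlib.sha256(data).hexdigest()


def is_reported_sample(data: bytes) -> bool:
    """True only for a file whose SHA-256 equals the report's Target hash."""
    return sha256_hex(data) == SAMPLE_SHA256


def c2_connections(conn_records):
    """Return records whose destination is the extracted RedLine C2.

    Each record is a dict with 'dst' (IP string) and 'dport' (int), the shape a
    flow log or sandbox network trace can be normalised into (constructed).
    Host and port must both match; the same host on another port is not the IOC.
    """
    return [r for r in conn_records
            if r.get("dst") == C2_HOST and int(r.get("dport", -1)) == C2_PORT]


def uninstall_key_reads(reg_events):
    """Return registry events that open, enumerate or query the Uninstall key.

    Each event is a dict with 'api' and 'key'. Only read-side APIs count, which
    is what the report's software-enumeration behaviour consists of; writes to
    unrelated keys (e.g. a Run key) are ignored here.
    """
    read_apis = {"RegOpenKeyExW", "RegOpenKeyExA", "RegEnumKeyExW",
                 "RegEnumKeyExA", "RegQueryValueExW", "RegQueryValueExA"}
    return [e for e in reg_events
            if e.get("api") in read_apis and UNINSTALL_KEY_RE.match(e.get("key", ""))]


# Constructed sample events for a stand-alone run.
SAMPLE_CONNS = [
    {"dst": "45.9.20.20", "dport": 13441},   # the reported C2
    {"dst": "45.9.20.20", "dport": 443},     # same host, other port: not the IOC
    {"dst": "13.107.4.50", "dport": 80},     # unrelated traffic
]
SAMPLE_REG = [
    {"api": "RegOpenKeyExW",
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"},
    {"api": "RegEnumKeyExW",
     "key": r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"},
    {"api": "RegSetValueExW",
     "key": r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"},
    {"api": "RegQueryValueExW",
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName"},
]

if __name__ == "__main__":
    print("C2 hits:", c2_connections(SAMPLE_CONNS))
    print("Uninstall key reads:", len(uninstall_key_reads(SAMPLE_REG)))
    print("Is reported sample:", is_reported_sample(b"not the sample"))
```

The C2 check deliberately requires both host and port, since 45.9.20.20 on another port is not what the extracted config says; widen it to host-only if you want a noisier hunt. The registry check keys on read/enumerate APIs only, because the behaviour described above is enumeration, not persistence.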