General
Target: f2daa6612e2b856c0ae3a5dda95b63a94c41c0e2cda30539249d42c59c235623
Size: 243KB
Sample: 210926-r7qrzaehdn
MD5: d2aab101152e38f070c47e667232d6a3
SHA1: 2b57ece616241610c71c1a2d74ce1e41990ef822
SHA256: f2daa6612e2b856c0ae3a5dda95b63a94c41c0e2cda30539249d42c59c235623
SHA512: 4a7e3204f4c6ae31db5621d289a9a8129a332f88b5cff823b46ee74191c8d0b1d0a176ce83ebc86fb523553e755b06d3feb328f1d03150b4e402ce9eb1f37408
Static task: static1
Malware Config
Extracted: redline
PUB
45.9.20.20:13441
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.