General
- Target: 999ebb0492ba48ad3590e24a1d98f812fc91cf237638a2808b85339647460084
- Size: 243KB
- Sample: 210926-sxgxrafaaj
- MD5: cd2a3d48facec65e72c06c15b8c3887d
- SHA1: d0c0c7fe534a480e67227f1080d2db100b1d5b25
- SHA256: 999ebb0492ba48ad3590e24a1d98f812fc91cf237638a2808b85339647460084
- SHA512: 2901eeaf52925391db1fe847c8dd9e4e75e3ccf48640e20baa06104641c1432c7ccad7f22a945e57361017206a2ab0c90824ec00b1d146ac8f2ffeefc24019d7
Static task: static1
Malware Config
- Extracted: redline
- UTS: 45.9.20.20:13441
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.