General
Target: af686aeb44ac7a8e9c6636974d7e18d2181d462987f5f76f97d60cf3bfa45a17
Size: 243KB
Sample: 210926-sxjfksfah3
MD5: 8cfb1ea0f915be5fa9a7c982d7efc951
SHA1: 55db2f972f2d3643222bb8db40f9bc5ef663414d
SHA256: af686aeb44ac7a8e9c6636974d7e18d2181d462987f5f76f97d60cf3bfa45a17
SHA512: 6ff90f38f0e362bd167b95236058450412ea6d9b3ff28a3ec738d77fbf4c56d30678f11727f58648637bf8ea725f6d9f88f967497a75e51366bbc81c093ac3cb
Static task: static1

Malware Config
Extracted: redline
UDP: 45.9.20.20:13441
Targets
Target: af686aeb44ac7a8e9c6636974d7e18d2181d462987f5f76f97d60cf3bfa45a17
Size: 243KB
MD5: 8cfb1ea0f915be5fa9a7c982d7efc951
SHA1: 55db2f972f2d3643222bb8db40f9bc5ef663414d
SHA256: af686aeb44ac7a8e9c6636974d7e18d2181d462987f5f76f97d60cf3bfa45a17
SHA512: 6ff90f38f0e362bd167b95236058450412ea6d9b3ff28a3ec738d77fbf4c56d30678f11727f58648637bf8ea725f6d9f88f967497a75e51366bbc81c093ac3cb
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.