General
Target: b8ae98e37ac6e24f37c48a8cc8d3c97904aea13712c5021fd4b4ff27cd576aaa
Size: 243KB
Sample: 210926-tb6vesfba8
MD5: 79d7ceee89e898e8631e7d6a15705bc0
SHA1: dd2d3c01f980cf7e7670c3ffcb1ee013ab61dbd1
SHA256: b8ae98e37ac6e24f37c48a8cc8d3c97904aea13712c5021fd4b4ff27cd576aaa
SHA512: b6ce3bd47d1baca01592f2e8393e3608ff0d4653a43671384cd5574ec726d95c43e965d955d7d22f986bfa3c4a2e451cd92bc29f17d906843548eca1c3554627
Static task: static1
Malware Config
Extracted family: redline
Botnet: PUB
C2: 45.9.20.20:13441
Targets
Target: b8ae98e37ac6e24f37c48a8cc8d3c97904aea13712c5021fd4b4ff27cd576aaa
Size: 243KB
MD5: 79d7ceee89e898e8631e7d6a15705bc0
SHA1: dd2d3c01f980cf7e7670c3ffcb1ee013ab61dbd1
SHA256: b8ae98e37ac6e24f37c48a8cc8d3c97904aea13712c5021fd4b4ff27cd576aaa
SHA512: b6ce3bd47d1baca01592f2e8393e3608ff0d4653a43671384cd5574ec726d95c43e965d955d7d22f986bfa3c4a2e451cd92bc29f17d906843548eca1c3554627
RedLine
RedLine Stealer is a malware family written in C#, first seen in early 2020.
Signatures
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate the software present on the host.
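As an added example, not part of this report and not Triage's own signature code, the Python script below classifies behaviour events against the three indicators the report gives for this sample: the RedLine C2 from the extracted config, registry reads under the Uninstall keys, and reads of wallet files. The event format (process, kind, value), the signature names and the wallet path list are assumptions; the report does not say which wallets the sample looks for. The event records are constructed for the example.

```python
"""Classify constructed sandbox events against the indicators in this report.

Added example; the event schema, signature names and wallet list are assumed.
"""
import re
from collections import defaultdict

# C2 endpoint from the report's extracted RedLine config.
C2_HOST, C2_PORT = "45.9.20.20", 13441

# Registry keys walked to enumerate installed software (HKLM 64-bit, HKLM
# 32-bit redirected view, and the per-user view).
UNINSTALL_KEYS = (
    r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
)

# Wallet artefacts commonly targeted by stealers. Assumed list: the report only
# states that wallet files are accessed, not which ones.
WALLET_PATTERNS = tuple(re.compile(p, re.I) for p in (
    r"\\Exodus\\exodus\.wallet\\",
    r"\\Electrum\\wallets\\",
    r"\\Ethereum\\keystore\\",
    r"\\Armory\\.*\.wallet$",
    r"\\wallet\.dat$",
))


def classify(event):
    """Return the signature name an event triggers, or None if it is benign."""
    kind, value = event["kind"], event["value"]
    if kind == "reg_query":
        if any(value.lower().startswith(k.lower()) for k in UNINSTALL_KEYS):
            return "checks_installed_software"
    elif kind == "file_read":
        if any(p.search(value) for p in WALLET_PATTERNS):
            return "accesses_crypto_wallets"
    elif kind == "connect":
        # Split host from port on the last colon so an IPv6 literal would not
        # break the check; only an exact host:port match counts as the C2.
        host, _, port = value.rpartition(":")
        if host == C2_HOST and port.isdigit() and int(port) == C2_PORT:
            return "redline_c2"
    return None


def triage(events):
    """Group the values of every matching event under its signature name."""
    hits = defaultdict(list)
    for ev in events:
        sig = classify(ev)
        if sig is not None:
            hits[sig].append(ev["value"])
    return dict(hits)


# Constructed events in the assumed schema; the benign ones should not match.
SAMPLE_EVENTS = [
    {"process": "sample.exe", "kind": "reg_query",
     "value": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome"},
    {"process": "sample.exe", "kind": "reg_query",
     "value": r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"},
    {"process": "sample.exe", "kind": "reg_query",
     "value": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"},
    {"process": "sample.exe", "kind": "file_read",
     "value": r"C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\seed.seco"},
    {"process": "sample.exe", "kind": "file_read",
     "value": r"C:\Users\user\AppData\Roaming\Electrum\wallets\default_wallet"},
    {"process": "sample.exe", "kind": "file_read",
     "value": r"C:\Users\user\Documents\notes.txt"},
    {"process": "sample.exe", "kind": "connect", "value": "45.9.20.20:13441"},
    {"process": "sample.exe", "kind": "connect", "value": "203.0.113.10:443"},
]

if __name__ == "__main__":
    for sig, values in triage(SAMPLE_EVENTS).items():
        print(sig)
        for v in values:
            print("   ", v)
```

The Uninstall-key check is prefix based on purpose: the sample reads individual product subkeys, so a match on the parent key catches every product it enumerates, while a plain `Run` key read in the same hive is left alone. The C2 match is exact on host and port; a broader rule on the IP alone would also be reasonable for blocking, but for attribution the port from the extracted config is the stronger signal.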