General
- Target: 0954426c7c56fb3c78e1797e0c34e89376966bccd93d498d7624cddd8c94d171
- Size: 238KB
- Sample: 210926-vcaztafaeq
- MD5: 88a1a180f27f70e7d97a01e5ef8e3eee
- SHA1: 0bd20efbbb875dbcb1348df0608a8203c8bc917d
- SHA256: 0954426c7c56fb3c78e1797e0c34e89376966bccd93d498d7624cddd8c94d171
- SHA512: d226d119887e9cab331ded0f8224a21fd742cb154eaff504b9f831f76f2e4c4dcb23fa2cf521a74b8da19efe435d5196c9125c73128e958abec3e166ce804ec5
Static task
- static1
Malware Config
- Extracted: redline
- UDP: 45.9.20.20:13441
Targets
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.