General
Target: 6e29eb966532c84199385d0e16c3c293267b1cd3f29d70b16bf7f3192089b0e1
Size: 238KB
Sample: 210926-w55kkafbcq
MD5: 18b7b8fc428c28bc545674bb1e7bae25
SHA1: f67472149291f1b551fdbbef82cd9c3870e570bf
SHA256: 6e29eb966532c84199385d0e16c3c293267b1cd3f29d70b16bf7f3192089b0e1
SHA512: 9000b06536a69e5bfc3ce525a0069b8d2b2363a2122b51dee6bdd02691f139306677d7090bd8f63682dc0cf44dcefa816d4ddae28e1e5ba956dcfe79dad0c489
Static task: static1

Malware Config
Extracted: redline
UTS: 45.9.20.20:13441
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.