General
-
Target
022b39ba6c96a3f8bedc8349167816ea8631ce3e05379bec0fabe2905183133d
-
Size
239KB
-
Sample
210926-wskdvsfca7
-
MD5
cdc869e08689f2f02c58cf79da590dcd
-
SHA1
5dab80445f3e9654c763930c81db38496bacb51b
-
SHA256
022b39ba6c96a3f8bedc8349167816ea8631ce3e05379bec0fabe2905183133d
-
SHA512
c0df9777b71f11338cf252131c4e50702045e55c46a05ce2a45c01c0ee7d6f9e3fe71524d7217c746bb13932d8ae0470998b626c3918c640083035f5401a5ada
Static task
static1
Malware Config
Extracted
redline
UDP
45.9.20.20:13441
Targets
-
-
Target
022b39ba6c96a3f8bedc8349167816ea8631ce3e05379bec0fabe2905183133d
-
Size
239KB
-
MD5
cdc869e08689f2f02c58cf79da590dcd
-
SHA1
5dab80445f3e9654c763930c81db38496bacb51b
-
SHA256
022b39ba6c96a3f8bedc8349167816ea8631ce3e05379bec0fabe2905183133d
-
SHA512
c0df9777b71f11338cf252131c4e50702045e55c46a05ce2a45c01c0ee7d6f9e3fe71524d7217c746bb13932d8ae0470998b626c3918c640083035f5401a5ada
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-