General

Target: 9fd5a295d9c662d120e8d2688ac4b645c3f4390299e4649b8bf76172f6a66425.bin
Size: 188KB
Sample: 210926-x6k3zsfbgq
MD5: 07e9d4478cddb490f89b0edb4842ab0e
SHA1: 48ea47adc76e29fbb23f8c82c7d1b4761f3216fa
SHA256: 9fd5a295d9c662d120e8d2688ac4b645c3f4390299e4649b8bf76172f6a66425
SHA512: 2e3bafe261b5e5f7d2006c6c9048aec7fd448ad0d54caff57412e68f177fa9284a451fa295b1fc15da5854e777761448997fd9ec76077dc8ab8bd7ae39fa01f8

Static task: static1
Behavioral task: behavioral1
Sample: 9fd5a295d9c662d120e8d2688ac4b645c3f4390299e4649b8bf76172f6a66425.bin.exe
Resource: win7-en-20210920
Malware Config

Extracted
Family: redline
Botnet: UTS
C2: 45.9.20.20:13441
Targets

Target: 9fd5a295d9c662d120e8d2688ac4b645c3f4390299e4649b8bf76172f6a66425.bin
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Enumerates installed software by reading entries under the registry Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its per-user and WOW6432Node counterparts).
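The values above (file hashes and the extracted RedLine C2) are the indicators an analyst will want to pull out of this report and push to a blocklist or hunt query. The following is an added example, not part of the sandbox report or of any tool it describes: it parses the report's flattened key/value layout, extracts the hashes and the C2 host:port, and runs the sanity checks a practitioner would apply before trusting the indicators (hash lengths and hex-ness, that the target filename really is the SHA256 it claims to be, that the C2 address is a public, routable IP rather than a sandbox or test artifact). The embedded REPORT string reproduces this page's own values; the field names and checks are the example's assumptions.

```python
import re
from ipaddress import ip_address

# Report text as it appears on this page (Triage-style flattened key/value layout).
REPORT = """General
-
Target
9fd5a295d9c662d120e8d2688ac4b645c3f4390299e4649b8bf76172f6a66425.bin
-
Size
188KB
-
Sample
210926-x6k3zsfbgq
-
MD5
07e9d4478cddb490f89b0edb4842ab0e
-
SHA1
48ea47adc76e29fbb23f8c82c7d1b4761f3216fa
-
SHA256
9fd5a295d9c662d120e8d2688ac4b645c3f4390299e4649b8bf76172f6a66425
-
SHA512
2e3bafe261b5e5f7d2006c6c9048aec7fd448ad0d54caff57412e68f177fa9284a451fa295b1fc15da5854e777761448997fd9ec76077dc8ab8bd7ae39fa01f8
Malware Config
Extracted
redline
UTS
45.9.20.20:13441
"""

# Expected hex-digit length of each hash field.
HASH_FIELDS = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
# host:port as a RedLine config extract presents its C2 (IPv4 only here; an assumption).
C2_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})$")


def parse_report(text):
    """Turn the flattened report into a dict of indicators.

    The layout is 'Key' on one line and its value on the next, with '-' separators;
    the line after 'Extracted' is the malware family name.
    """
    lines = [l.strip() for l in text.splitlines() if l.strip() and l.strip() != "-"]
    iocs = {"target": None, "family": None, "hashes": {}, "c2": []}
    for i, line in enumerate(lines[:-1]):
        nxt = lines[i + 1]
        if line in HASH_FIELDS:
            iocs["hashes"][line] = nxt.lower()
        elif line == "Target" and iocs["target"] is None:
            iocs["target"] = nxt
        elif line == "Extracted":
            iocs["family"] = nxt
    for line in lines:
        m = C2_RE.match(line)
        if m:
            iocs["c2"].append((m.group(1), int(m.group(2))))
    return iocs


def validate(iocs):
    """Return a list of problems; an empty list means the indicators are safe to use."""
    problems = []
    for name, length in HASH_FIELDS.items():
        h = iocs["hashes"].get(name)
        if h is None:
            problems.append(f"missing {name}")
        elif not re.fullmatch(r"[0-9a-f]{%d}" % length, h):
            problems.append(f"{name} is not {length} hex digits")
    sha256 = iocs["hashes"].get("SHA256")
    # Sandboxes often name the file after its SHA256; catch a mismatched upload.
    if sha256 and iocs["target"] and not iocs["target"].lower().startswith(sha256):
        problems.append("target filename does not match SHA256")
    for host, port in iocs["c2"]:
        try:
            ip = ip_address(host)
        except ValueError:
            problems.append(f"C2 host {host!r} is not a valid IP")
            continue
        # A private/loopback C2 is a test build or sandbox artifact, not a blocklist entry.
        if not ip.is_global:
            problems.append(f"C2 {host} is not a public address")
        if not 1 <= port <= 65535:
            problems.append(f"C2 port {port} out of range")
    return problems


def to_rows(iocs):
    """Flatten indicators to (type, value) rows, e.g. for a CSV blocklist import."""
    rows = [(f"file:{k.lower()}", v) for k, v in sorted(iocs["hashes"].items())]
    rows += [("network:ipv4-port", f"{h}:{p}") for h, p in iocs["c2"]]
    return rows


if __name__ == "__main__":
    parsed = parse_report(REPORT)
    for row in to_rows(parsed):
        print(*row, sep=",")
    print("problems:", validate(parsed) or "none")
```

Run it over a copy of the report text to get a clean IOC list; any entry in the problems list means the report (or the copy of it) needs a second look before the indicators are deployed.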