General
Target: 9cf73a6e991fe190abc097a4e70829907eb3b15c2a828f187ab5a4110c098058
Size: 239KB
Sample: 210926-zfwsxafccp
MD5: d03a4570429fe1ce3e31882efc1172a3
SHA1: 0ee4b0a4f2dc7ba1a4466eeadf395ef508adc48f
SHA256: 9cf73a6e991fe190abc097a4e70829907eb3b15c2a828f187ab5a4110c098058
SHA512: 5576f0d9c391e6c39235e351214d6372a75d0b238a3312c8d6f3eb1b72f875ddd1a029b141546d04be458abc9b2018d51d9b00f6e1e1982a25ab352a763be012
Static task
static1

Malware Config
Extracted
Family: redline
Botnet: PUB
C2: 45.9.20.20:13441
Targets
Target: 9cf73a6e991fe190abc097a4e70829907eb3b15c2a828f187ab5a4110c098058
Size: 239KB
MD5: d03a4570429fe1ce3e31882efc1172a3
SHA1: 0ee4b0a4f2dc7ba1a4466eeadf395ef508adc48f
SHA256: 9cf73a6e991fe190abc097a4e70829907eb3b15c2a828f187ab5a4110c098058
SHA512: 5576f0d9c391e6c39235e351214d6372a75d0b238a3312c8d6f3eb1b72f875ddd1a029b141546d04be458abc9b2018d51d9b00f6e1e1982a25ab352a763be012
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting.

Checks installed software on the system
Reads the per-product subkeys under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (and the WOW6432Node equivalent on 64-bit hosts) to enumerate the software installed on the system.
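The extracted config and hashes above are only useful once they are turned into detection logic. The following is an added example, not part of the sandbox report and not RedLine's own code: it takes the report's C2 endpoint and hashes as indicators, matches them against Zeek-style conn.log lines and a file-hash inventory, and flags a process that walks many Uninstall subkeys in registry object-access audit records (the shape of Windows Security event 4663, which requires a SACL on the key). All log lines, audit events and the inventory are constructed for the demo; the registry path prefixes, the field layout and the threshold of five subkeys are assumptions.

```python
"""Detection logic built from the report's extracted IOCs.
Example code added to the report; sample data below is constructed."""
from collections import Counter

# Indicators taken from the report above (extracted RedLine config and file hashes).
C2_HOST = "45.9.20.20"
C2_PORT = 13441
SAMPLE_HASHES = {
    "md5": "d03a4570429fe1ce3e31882efc1172a3",
    "sha1": "0ee4b0a4f2dc7ba1a4466eeadf395ef508adc48f",
    "sha256": "9cf73a6e991fe190abc097a4e70829907eb3b15c2a828f187ab5a4110c098058",
}

# Registry paths a process reads when it inventories installed software (assumed
# kernel-style object names as they appear in object-access audit records).
UNINSTALL_KEYS = (
    r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
)

# Constructed conn.log-style records: ts, uid, src_ip, src_port, dst_ip, dst_port, proto.
CONN_LOG = """\
1632650001.1\tCabc1\t10.0.0.12\t49731\t45.9.20.20\t13441\ttcp
1632650002.7\tCabc2\t10.0.0.12\t49732\t142.250.74.78\t443\ttcp
1632650040.3\tCabc3\t10.0.0.25\t51002\t45.9.20.20\t13441\ttcp
1632650041.0\tCabc4\t10.0.0.25\t51003\t45.9.20.20\t80\ttcp
"""


def find_c2_connections(conn_log):
    """Return (timestamp, source_ip, uid) for every flow to the extracted C2 host:port.
    Port is compared as well as host: the same address on another port is not the C2 channel."""
    hits = []
    for line in conn_log.splitlines():
        fields = line.split("\t")
        if len(fields) < 7:
            continue  # malformed record, skip rather than crash the sweep
        ts, uid, src_ip, _src_port, dst_ip, dst_port, _proto = fields[:7]
        if dst_ip == C2_HOST and dst_port.isdigit() and int(dst_port) == C2_PORT:
            hits.append((ts, src_ip, uid))
    return hits


def match_hashes(inventory):
    """inventory: list of {"host", "path", and any of "md5"/"sha1"/"sha256"} dicts.
    Matches whichever digest the inventory carries, case-insensitively, since some
    tools emit uppercase hex."""
    matches = []
    for entry in inventory:
        for algo, known in SAMPLE_HASHES.items():
            if entry.get(algo, "").lower() == known:
                matches.append((entry["host"], entry["path"], algo))
                break
    return matches


def flag_uninstall_enumeration(events, threshold=5):
    """events: registry object-access audit records with process_id, image, object_name.
    A single lookup of one product's subkey is normal; a process touching many
    Uninstall subkeys is enumerating installed software.  Returns {(pid, image): count}
    for processes at or above threshold."""
    counts = Counter()
    for ev in events:
        name = ev["object_name"].upper()
        if any(name.startswith(prefix.upper()) for prefix in UNINSTALL_KEYS):
            counts[(ev["process_id"], ev["image"])] += 1
    return {proc: n for proc, n in counts.items() if n >= threshold}


# Constructed audit records: the sample walks the Uninstall tree; svchost does one lookup.
SAMPLE_PATH = r"C:\Users\user\AppData\Local\Temp\sample.exe"
AUDIT_EVENTS = [
    {"process_id": 4120, "image": SAMPLE_PATH, "object_name": UNINSTALL_KEYS[0] + "\\" + sub}
    for sub in ("7-Zip", "Google Chrome", "Mozilla Firefox", "Notepad++", "VLC media player", "Discord")
] + [
    {"process_id": 812, "image": r"C:\Windows\System32\svchost.exe",
     "object_name": UNINSTALL_KEYS[0] + r"\Google Chrome"},
]

# Constructed endpoint inventory; the first entry is the sample with an uppercase digest.
INVENTORY = [
    {"host": "ws12", "path": SAMPLE_PATH, "sha256": SAMPLE_HASHES["sha256"].upper()},
    {"host": "ws25", "path": r"C:\Program Files\7-Zip\7z.exe", "sha256": "0" * 64},
]

if __name__ == "__main__":
    print(find_c2_connections(CONN_LOG))
    print(match_hashes(INVENTORY))
    print(flag_uninstall_enumeration(AUDIT_EVENTS))
```

The registry check deliberately counts accesses per process rather than alerting on any single read of the Uninstall key: installers, update agents and inventory tools legitimately read individual product entries, and the signal in the report is bulk enumeration, so tune the threshold against your own audit baseline before deploying it.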