General
-
Target
4077f727154ed1790c94730e3c43b86acd23a51070a0b479dd18d3d432956608
-
Size
239KB
-
Sample
210927-a8e87afdcj
-
MD5
cd8d1c617fa690f8f8680e12e1d18426
-
SHA1
b62788f696172ca5d6a052d8819862aa1b1f8926
-
SHA256
4077f727154ed1790c94730e3c43b86acd23a51070a0b479dd18d3d432956608
-
SHA512
31442a42069809e491e149c26942a185cf5be15efbe41c324bc562b9aafaa4fae55a37b6f52fe20111fe377c217fcc0e3fae00961a6dbe4c2c44703e9fa27aef
Static task
static1
Malware Config
Extracted
redline
UTS
45.9.20.20:13441
Targets
-
-
Target
4077f727154ed1790c94730e3c43b86acd23a51070a0b479dd18d3d432956608
-
Size
239KB
-
MD5
cd8d1c617fa690f8f8680e12e1d18426
-
SHA1
b62788f696172ca5d6a052d8819862aa1b1f8926
-
SHA256
4077f727154ed1790c94730e3c43b86acd23a51070a0b479dd18d3d432956608
-
SHA512
31442a42069809e491e149c26942a185cf5be15efbe41c324bc562b9aafaa4fae55a37b6f52fe20111fe377c217fcc0e3fae00961a6dbe4c2c44703e9fa27aef
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-