General
Target: 19d390fbe3da552929498622c2588a3bcba4cf9c13b8f.exe
Size: 313KB
Sample: 211001-ewdl2sagd6
MD5: a61020210efb3d65c3ee06d385dd979c
SHA1: 5ac0ce24fb565fd5000d50f92ed9c59bd409a4ce
SHA256: 19d390fbe3da552929498622c2588a3bcba4cf9c13b8fe98503f94fe6ce5fa38
SHA512: fae97e45a302d68c70d49b85fdcdbd34ea2a044ac8faee2fcbd9bf476f61e7687dd6f9c0398e1bc8f1c2a7c2b57271e9ffdf3d7138cbcbf4211ceb40954f57e5
Static task: static1
Behavioral task: behavioral1
Sample: 19d390fbe3da552929498622c2588a3bcba4cf9c13b8f.exe
Resource: win7-en-20210920

Malware Config
Extracted config (redline): build1, 77.232.36.199:32336

Targets
Target: 19d390fbe3da552929498622c2588a3bcba4cf9c13b8f.exe
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.