General
- Target: d7c31e6f12f50d92ffccdb177e42f9e7efbe7d903ed98a668972a701abe70219
- Size: 390KB
- Sample: 211015-2ez52scdan
- MD5: fdcf1776dacb816342fda38a8191932e
- SHA1: 7cd877d3dff2df0ecaceb28f8cf85fbd324474d6
- SHA256: d7c31e6f12f50d92ffccdb177e42f9e7efbe7d903ed98a668972a701abe70219
- SHA512: d078126494b214a198ddac2f90a67c7f4c8ae5d591e0e3b17debce22ea77360c2bd7a05d130179ca2bc5f6d68b35ce3b2a3877ef994f81cea1a5d29cfd828adb
Static task: static1

Malware Config (extracted)
- Family: redline
- paladin
- 37.228.129.48:29795
Targets
- Target: d7c31e6f12f50d92ffccdb177e42f9e7efbe7d903ed98a668972a701abe70219
- Size: 390KB
- MD5: fdcf1776dacb816342fda38a8191932e
- SHA1: 7cd877d3dff2df0ecaceb28f8cf85fbd324474d6
- SHA256: d7c31e6f12f50d92ffccdb177e42f9e7efbe7d903ed98a668972a701abe70219
- SHA512: d078126494b214a198ddac2f90a67c7f4c8ae5d591e0e3b17debce22ea77360c2bd7a05d130179ca2bc5f6d68b35ce3b2a3877ef994f81cea1a5d29cfd828adb
Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.