General
Target: ef1bb3e18558e26d550ce853776d3e64c491abc15037ff73b60d95fd74a00198
Size: 369KB
Sample: 211015-2fr6tscdap
MD5: 39c0f5636dd0ac2bdf1cc2fa7c20acd2
SHA1: 97ff73eda0c48530463d02623edbe1517be5982b
SHA256: ef1bb3e18558e26d550ce853776d3e64c491abc15037ff73b60d95fd74a00198
SHA512: 5a255bf6073e1994abcef770d965d4058c2856167e35e63bd0639297f133d63ab4cba6147688c8d7962d4ac19858260a864949db966b7186df72b16d70ab6e30

Static task
static1

Malware Config
Extracted
redline
UTS: 45.9.20.182:52236
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.