General
- Target: 320929233e78ba60ce011b9009e64f6817210ee03703bba593004d53615a7b90
- Size: 366KB
- Sample: 211015-p9k86aahh3
- MD5: e9a41657f9605850ca98c48efb5d2018
- SHA1: 3dbb971d4d55fe905539c81eefe18792ed3c62e7
- SHA256: 320929233e78ba60ce011b9009e64f6817210ee03703bba593004d53615a7b90
- SHA512: d1e174a18bf942e42ce8aef191fc69a0c6d7386367dc0bed44d7e6b0f6b12a160c2922962a6164d45635bcd9f6cb40cc530d15f8d0cd4038a8cbfd2076bf17d0

Static task
- static1

Malware Config
Extracted
- redline
- UTS: 45.9.20.182:52236
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.