General
Target: c630c274be2d484f05fb266ed1949308cfd2019e1110e61fb9141373fbef20ef
Size: 366KB
Sample: 211015-q5nzxsbgaj
MD5: dadc440d914d8095aeac7afc49f859ed
SHA1: aad2c9afd2c392f7d5ce1da11de44f2a1b4f964c
SHA256: c630c274be2d484f05fb266ed1949308cfd2019e1110e61fb9141373fbef20ef
SHA512: acb20093904039fe08a96bf952472fb14e93535de9513f1266e67ce0f0c4d0f77024b337125661970759cc0cbc62d09df999a0c44eccbc1179064b6cd91fce6e
Static task: static1
Malware Config (extracted): redline
UDP: 45.9.20.182:52236
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.