General
Target: 71218208d84b115ed655f61612567817b254c697831b1f817719c86c9ad6eb57
Size: 366KB
Sample: 211015-r3lbpabgdp
MD5: 99a3e3cd7d4051a824bddb3a82155ef7
SHA1: f41d8ecc1a0d19f34f615600e7f153b67bd019dc
SHA256: 71218208d84b115ed655f61612567817b254c697831b1f817719c86c9ad6eb57
SHA512: 4b14da01d79a489cc46601e9d2ca5755145712caa3d085e7e91d744ebb9f3feb32ce23ec015684c65a17d0cd9353e5164969a57da570624c41e54d692ba0a4f0

Static task: static1

Malware Config
Extracted: redline
UTS: 45.9.20.182:52236
Targets
Target: 71218208d84b115ed655f61612567817b254c697831b1f817719c86c9ad6eb57
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.