General
- Target: c6148aa1dc23ace56375f84182b40c601bd9e9bdbff743c195d7ffb3707fb11b
- Size: 366KB
- Sample: 211015-rbsxfsbgbp
- MD5: 0dfca2a6763fe1bb70c8f5112ba4528d
- SHA1: d1f9b7680a81e21dee464f7d674b2508a01e0f75
- SHA256: c6148aa1dc23ace56375f84182b40c601bd9e9bdbff743c195d7ffb3707fb11b
- SHA512: 94c095d6f0846e2651634ae8e0322966ba440abb43fceb1fbea605f9c9c85c3fc909164e6eff293238b9d100a54d1b86dd62e4ff617ba3c04df45b96a50d491a
Static task
static1
Malware Config
Extracted
redline
PUB
45.9.20.182:52236
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.