General
- Target: a64b6bc3246545742869b4468a3661fdd784eee51feb9bafe91ac8b399ae7f13
- Size: 366KB
- Sample: 211015-rt5zqsbgcr
- MD5: 5cd91c3d690abcf88d480dfcadb55691
- SHA1: 40663383a674eba48601fe261844477d0b391723
- SHA256: a64b6bc3246545742869b4468a3661fdd784eee51feb9bafe91ac8b399ae7f13
- SHA512: a638399c07f1ff37ecdb5b1cbd66558a29d85a23cb5553251818d24f805f0b831c2b606f483b28f33a3892684f9bed4f84db6ed1011584c06064d825b2b17461
Static task: static1

Malware Config
- Extracted: redline
- UDP: 45.9.20.182:52236
Targets
- Target: a64b6bc3246545742869b4468a3661fdd784eee51feb9bafe91ac8b399ae7f13
- Size: 366KB
- MD5, SHA1, SHA256, SHA512: identical to the values listed under General above
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.