General
Target: 8459e09a286f48208915db747fb073c5a18b56461c6522b739f598f004b70048
Size: 366KB
Sample: 211015-sd48yabgeq
MD5: 7d58487063e76dc47298587f951db6b4
SHA1: 99756a453c1decf2fac6c95e65ad41cdcdaeb9d9
SHA256: 8459e09a286f48208915db747fb073c5a18b56461c6522b739f598f004b70048
SHA512: 5388e2b5fb9b74475984345b832ccabba3e17a13f5402659d5d3dc7607e953f98c28c8173e1b7a546043b117e0fecbd474c58dc2fa77896cad77fbc9995d984a
Static task
static1
Malware Config
Extracted
redline
UTS
45.9.20.182:52236
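The hashes and the extracted C2 endpoint above are the indicators an analyst would actually act on. The following is an added example (not part of the sandbox report or of any RedLine tooling) that checks a candidate file against all four listed digests and scans Zeek conn.log rows for connections to the extracted C2. The conn.log rows are constructed and reduced to the first seven standard columns; the hash of a real candidate file must match all four digests, a partial match indicates a transcription error or a collision rather than the sample.

```python
import hashlib
from typing import Dict, Iterable, List, Set

# Indicators copied from the report above.
REPORT_HASHES: Dict[str, str] = {
    "md5": "7d58487063e76dc47298587f951db6b4",
    "sha1": "99756a453c1decf2fac6c95e65ad41cdcdaeb9d9",
    "sha256": "8459e09a286f48208915db747fb073c5a18b56461c6522b739f598f004b70048",
    "sha512": "5388e2b5fb9b74475984345b832ccabba3e17a13f5402659d5d3dc7607e953f98c28c8173e1b7a546043b117e0fecbd474c58dc2fa77896cad77fbc9995d984a",
}
C2_HOST = "45.9.20.182"
C2_PORT = 52236


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Compute the same four digests the report lists for a candidate file."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORT_HASHES}


def matching_algorithms(data: bytes) -> Set[str]:
    """Names of the report's digests that the candidate bytes reproduce.

    The real sample reproduces all four. Matching only one (say MD5) means a
    transcription error or a deliberate collision, not the sample, so callers
    should compare against the full set rather than treating any hit as a match.
    """
    digests = hash_bytes(data)
    return {algo for algo, expected in REPORT_HASHES.items() if digests[algo] == expected}


def is_report_sample(data: bytes) -> bool:
    """True only when every listed digest matches."""
    return matching_algorithms(data) == set(REPORT_HASHES)


# Constructed Zeek conn.log rows (tab-separated, first seven standard columns:
# ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto). Not real traffic.
ZEEK_CONN_SAMPLE = "\n".join([
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1634313600.1\tCjq1a\t10.0.0.15\t49812\t45.9.20.182\t52236\ttcp",
    "1634313601.2\tCjq1b\t10.0.0.15\t49813\t142.250.74.46\t443\ttcp",
    "1634313602.3\tCjq1c\t10.0.0.22\t51002\t45.9.20.182\t80\ttcp",
])


def find_c2_connections(lines: Iterable[str], strict: bool = True) -> List[Dict[str, str]]:
    """Return connections to the extracted C2 from conn.log rows.

    strict=True requires host and port to match (high confidence).
    strict=False matches the host on any port, which catches an operator who
    rotated the port but also pulls in unrelated traffic to the same server.
    """
    hits: List[Dict[str, str]] = []
    for line in lines:
        if not line or line.startswith("#"):
            continue  # header/comment rows
        fields = line.rstrip("\n").split("\t")
        if len(fields) < 7:
            continue  # malformed or truncated row
        ts, uid, orig_h, orig_p, resp_h, resp_p, proto = fields[:7]
        if resp_h != C2_HOST:
            continue
        if strict and resp_p != str(C2_PORT):
            continue
        hits.append({"ts": ts, "uid": uid, "src": orig_h,
                     "dst_port": resp_p, "proto": proto})
    return hits


if __name__ == "__main__":
    for hit in find_c2_connections(ZEEK_CONN_SAMPLE.splitlines()):
        print(f"{hit['ts']} {hit['src']} -> {C2_HOST}:{hit['dst_port']} uid={hit['uid']}")
```

On the constructed rows, strict matching returns the single 10.0.0.15 connection on port 52236; relaxing to host-only adds the port 80 connection from 10.0.0.22, which would need a second look before being attributed to this sample.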
Targets
Target: 8459e09a286f48208915db747fb073c5a18b56461c6522b739f598f004b70048
Size: 366KB
MD5: 7d58487063e76dc47298587f951db6b4
SHA1: 99756a453c1decf2fac6c95e65ad41cdcdaeb9d9
SHA256: 8459e09a286f48208915db747fb073c5a18b56461c6522b739f598f004b70048
SHA512: 5388e2b5fb9b74475984345b832ccabba3e17a13f5402659d5d3dc7607e953f98c28c8173e1b7a546043b117e0fecbd474c58dc2fa77896cad77fbc9995d984a
RedLine
RedLine Stealer is an information-stealing malware family written in C# (.NET), first seen in early 2020. It collects browser-stored credentials, cookies, cryptocurrency wallet files and system information and sends them to an operator-controlled C2 such as the one extracted above.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate the software installed on the system. Legitimate inventory and management tools read the same keys, so this behaviour is only meaningful in combination with the other indicators.
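Registry key reads are not recorded by Sysmon (its registry events cover key create/delete/rename and value sets), so hunting for the Uninstall-key enumeration described above needs Windows Security event 4663 with the Object Access > Registry audit subcategory enabled and a SACL on the Uninstall key. The following is an added example, not part of the report, that applies a simple rule over such events: flag any process that touches an unusual number of distinct Uninstall subkeys unless it is a known inventory agent. The event records are constructed and reduced to the fields the rule uses; the allowlist path and the threshold of five subkeys are assumptions to tune per environment.

```python
import re
from collections import defaultdict
from typing import Dict, Iterable, List, Set, Tuple

# Uninstall key paths in the kernel-object form that Windows Security event
# 4663 (object access) writes to ObjectName: the native HKLM view, the
# WOW6432Node view that 32-bit installers populate on 64-bit Windows, and the
# per-user HKCU view under \REGISTRY\USER\<SID>.
UNINSTALL_KEY_RE = re.compile(
    r"^\\REGISTRY\\(?:MACHINE|USER\\[^\\]+)\\SOFTWARE\\(?:WOW6432Node\\)?"
    r"Microsoft\\Windows\\CurrentVersion\\Uninstall\\(?P<subkey>[^\\]+)$",
    re.IGNORECASE,
)

# Assumption: images of inventory or management tools that legitimately walk
# the Uninstall key in this environment (hypothetical path, compared lowercase).
ALLOWLIST: Set[str] = {
    r"c:\program files\inventory\agent.exe",
}


def _events(image: str, pid: int, subkeys: Iterable[str],
            hive: str = r"\REGISTRY\MACHINE") -> List[Dict[str, object]]:
    """Build constructed 4663 records reduced to the fields the rule uses."""
    base = hive + r"\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
    return [
        {"pid": pid, "image": image, "object_name": base + "\\" + sk,
         "access": "Query key value"}
        for sk in subkeys
    ]


# Constructed sample: a binary run from a temp directory, the allowlisted
# inventory agent, and explorer.exe touching a single entry. Not real telemetry.
SAMPLE_EVENTS = (
    _events(r"C:\Users\bob\AppData\Local\Temp\build.exe", 4120,
            [f"{{guid-{i}}}" for i in range(8)])
    + _events(r"C:\Program Files\Inventory\agent.exe", 900,
              [f"{{guid-{i}}}" for i in range(8)])
    + _events(r"C:\Windows\explorer.exe", 2200, ["7-Zip"])
)


def uninstall_subkeys_per_process(events: Iterable[Dict[str, object]]
                                  ) -> Dict[Tuple[int, str], Set[str]]:
    """Group the distinct Uninstall subkeys each (pid, image) opened."""
    seen: Dict[Tuple[int, str], Set[str]] = defaultdict(set)
    for ev in events:
        m = UNINSTALL_KEY_RE.match(str(ev["object_name"]))
        if m:
            seen[(int(ev["pid"]), str(ev["image"]))].add(m.group("subkey").lower())
    return seen


def flag_enumerators(events: Iterable[Dict[str, object]],
                     threshold: int = 5) -> List[Tuple[int, str, int]]:
    """Processes that walked at least `threshold` Uninstall entries and are
    not on the allowlist, as (pid, image, distinct subkey count)."""
    flagged = []
    for (pid, image), subkeys in uninstall_subkeys_per_process(events).items():
        if image.lower() in ALLOWLIST:
            continue
        if len(subkeys) >= threshold:
            flagged.append((pid, image, len(subkeys)))
    return sorted(flagged)


if __name__ == "__main__":
    for pid, image, count in flag_enumerators(SAMPLE_EVENTS):
        print(f"pid={pid} image={image} uninstall_subkeys={count}")
```

On the constructed events only build.exe is reported: the agent is allowlisted and explorer.exe stays under the threshold. The count-per-process approach matters because a single Uninstall read is routine; it is the full walk of the key by an unrecognised binary that resembles the inventory step the report attributes to the payload.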