General
  Target:  f1d83f3c30658ddff9efd866d06b7b5db3e0b999b699aead43de4ba3d6e3fc84
  Size:    387KB
  Sample:  211015-sd7ztsbgfj
  MD5:     5cbb7d5ad4093165191596a1f3c6007c
  SHA1:    e36c8d00c1000ccc8caccbbaab2be92ca137007a
  SHA256:  f1d83f3c30658ddff9efd866d06b7b5db3e0b999b699aead43de4ba3d6e3fc84
  SHA512:  9b551fe980445c9ee1b25f4d6f4924abbd49b5e5267dbbd177062714c93b33ec31761883a1f4066a909aa651cdb7ed2d9f5dc593d9ea6002606a6c19b690c45f
Static task
  static1

Malware Config
  Extracted
    redline
    paladin
    37.228.129.48:29795
Targets
  Target:  f1d83f3c30658ddff9efd866d06b7b5db3e0b999b699aead43de4ba3d6e3fc84
  Size:    387KB
  MD5:     5cbb7d5ad4093165191596a1f3c6007c
  SHA1:    e36c8d00c1000ccc8caccbbaab2be92ca137007a
  SHA256:  f1d83f3c30658ddff9efd866d06b7b5db3e0b999b699aead43de4ba3d6e3fc84
  SHA512:  9b551fe980445c9ee1b25f4d6f4924abbd49b5e5267dbbd177062714c93b33ec31761883a1f4066a909aa651cdb7ed2d9f5dc593d9ea6002606a6c19b690c45f

  RedLine
    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

  RedLine Payload

  Accesses cryptocurrency files/wallets, possible credential harvesting

  Checks installed software on the system
    Looks up Uninstall key entries in the registry to enumerate software on the system.