General
Target: 6b4ed503a863af28878282e1d7111172622ea22de1fe88e75683095c1f7f37ed
Size: 370KB
Sample: 211015-t6kknsbhcn
MD5: e8956fb9c849dc12893464fef88515b6
SHA1: 61f51e229b52117106fe51d199e95b91c1ce0d69
SHA256: 6b4ed503a863af28878282e1d7111172622ea22de1fe88e75683095c1f7f37ed
SHA512: dd95889bc0680be6a8fa768fd1d80f8907261aa5c71b4b6bcec221df59969576ff99bdeae7da228918e06f9e182c08d4dda63f2b5411a271588cbae41a262f87
Static task: static1
Malware Config
Extracted: redline
UTS: 45.9.20.182:52236
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.