General
Target: bfb83edc637768778626c6e2ac3a83a35b173ad091a8240f63a2aa0fbffd68a6
Size: 369KB
Sample: 211015-x16gqscbar
MD5: ef6118510ae253b29f4151ab4e346dad
SHA1: 50790956406468660f721d7cfac1e76935eabf46
SHA256: bfb83edc637768778626c6e2ac3a83a35b173ad091a8240f63a2aa0fbffd68a6
SHA512: d531eee70670eba89ddffd61d0fc031e871169e0cbc42ea5595eb04e2059d33d0af02342ade900a0cae0e1009e233034a285896738655c090e4a87bc215b66f4
Static task: static1
Malware Config
Extracted: redline
UTS
45.9.20.182:52236
Targets
Target: bfb83edc637768778626c6e2ac3a83a35b173ad091a8240f63a2aa0fbffd68a6
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.