General
Target: 511c44b15f1f66930d3023f8f175b880f5975bbf6c5e298ce43a1559589c2ba9
Size: 369KB
Sample: 211015-x171kacbbj
MD5: d66c013829800d64d8e472deec98d3a3
SHA1: 1fff1fd3fb1e468118add1cd2b7e0cb985055638
SHA256: 511c44b15f1f66930d3023f8f175b880f5975bbf6c5e298ce43a1559589c2ba9
SHA512: 269f645971ec870ab24f93fdf971abc75b852459e9da1507eab03ae3a9239bc09c6cf0491c86d94fe9cefcab13d8c6c273a7e01d4b25aee2b1c3a380e82aa2a6
Static task: static1
Malware Config (extracted)
Family: redline
C2: 45.9.20.182:52236 (UDP)
Targets
Target: 511c44b15f1f66930d3023f8f175b880f5975bbf6c5e298ce43a1559589c2ba9
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up entries under the registry Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, plus the HKCU and Wow6432Node variants) to enumerate software installed on the system.
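The behaviours listed above, as an added triage example that is not part of this report or of the sandbox's own tooling: constructed sandbox-style events (PID, operation, detail) are matched against the Uninstall key, a short assumed list of wallet paths, and the C2 endpoint taken from the extracted config. The event format, the wallet path list, the benign process and the process IDs are assumptions made for this example; only the C2 address and port come from the report.

```python
"""Match sandbox-style events against the behaviours in this report.

Added example, not code from the report or from the sandbox vendor.
Event shape, wallet path list and PIDs are assumptions; the C2 endpoint
is the one from the extracted RedLine config.
"""
import re
from collections import defaultdict

# C2 endpoint from the extracted config in this report.
C2_FROM_CONFIG = ("45.9.20.182", 52236)

# The Uninstall key holds one subkey per installed program. Cover HKLM and
# HKCU, and the Wow6432Node view used for 32-bit software on 64-bit Windows.
UNINSTALL_KEY_RE = re.compile(
    r"^HK(LM|CU)\\SOFTWARE\\(Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)",
    re.IGNORECASE,
)

# Assumed wallet locations for the example (a few common desktop wallets);
# this is not RedLine's actual target list.
WALLET_PATH_RE = re.compile(
    r"(\\wallet\.dat$|\\Electrum\\wallets\\|\\Exodus\\exodus\.wallet\\|\\Ethereum\\keystore\\)",
    re.IGNORECASE,
)

REGISTRY_OPS = {"RegOpenKey", "RegEnumKey", "RegQueryValue"}
FILE_OPS = {"CreateFile", "ReadFile"}


def classify_event(op, detail):
    """Return the set of report behaviours a single event supports."""
    tags = set()
    if op in REGISTRY_OPS and UNINSTALL_KEY_RE.match(detail):
        tags.add("checks_installed_software")
    if op in FILE_OPS and WALLET_PATH_RE.search(detail):
        tags.add("accesses_crypto_wallets")
    if op == "Connect":
        host, _, port = detail.rpartition(":")
        if port.isdigit() and (host, int(port)) == C2_FROM_CONFIG:
            tags.add("contacts_extracted_c2")
    return tags


def triage(events):
    """Aggregate behaviours per PID; only PIDs with at least one tag are returned."""
    per_pid = defaultdict(set)
    for pid, op, detail in events:
        per_pid[pid] |= classify_event(op, detail)
    return {pid: sorted(tags) for pid, tags in per_pid.items() if tags}


# Constructed events (assumed PIDs and paths), not taken from the sandbox run.
SAMPLE_EVENTS = [
    (4412, "RegOpenKey", r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
    (4412, "RegEnumKey", r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"),
    (4412, "RegQueryValue",
     r"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++\DisplayName"),
    (4412, "CreateFile", r"C:\Users\victim\AppData\Roaming\Bitcoin\wallet.dat"),
    (4412, "ReadFile", r"C:\Users\victim\AppData\Roaming\Electrum\wallets\default_wallet"),
    (4412, "Connect", "45.9.20.182:52236"),
    # Assumed benign process: a Run-key read and a connection to a TEST-NET address.
    (1208, "RegOpenKey", r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"),
    (1208, "Connect", "203.0.113.10:443"),
]

if __name__ == "__main__":
    for pid, tags in triage(SAMPLE_EVENTS).items():
        print(pid, ", ".join(tags))
```

A single Uninstall-key read is common in legitimate installers and inventory agents; the combination with wallet file access and the configured C2 endpoint in one process is what distinguishes the stealer here, so the per-PID aggregation is the part worth keeping when porting this to real telemetry.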