General
- Target: 3f9d3ff3bb81a73a33c1ea3be446188cff9edeaa8e1a63a6741b815e48b05dfa
- Size: 369KB
- Sample: 211015-x2ncjsbcf2
- MD5: 3b32afee256fd90df34adcd6465af6af
- SHA1: f9f79d4b4e859e07951a8f254ff84c858c6fdae4
- SHA256: 3f9d3ff3bb81a73a33c1ea3be446188cff9edeaa8e1a63a6741b815e48b05dfa
- SHA512: e94e47b7aa73232efc67912231126b022f5c6970467d8b329a7ac2337af6cecdd99f18babc953ce3e0dd11b5b1a71317f0cd1ec322b93c8ca4095dab39cc628f
Static task: static1
Malware Config
Extracted: redline
PUB
45.9.20.182:52236
Targets
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.