General

Target: 024d4f197aebfaf89e3372643261ad3fb4aac1bc330d0e31d60bfbf533a668d6
Size: 390KB
Sample: 211015-x88l3abda4
MD5: 3491b7da642c43b5108ca3067cfaa782
SHA1: b8cedb36f00acf94f5294bed77216aec9e1b48ea
SHA256: 024d4f197aebfaf89e3372643261ad3fb4aac1bc330d0e31d60bfbf533a668d6
SHA512: 0b3e9fe600615976563a4728a8100a16d7953cad937d1297f8b2e5be6fe94a1ae24fab011d36af16947515d0daf26750a89ac917d621fd60ea93ade0603bde8c
Static task: static1
Malware Config
Extracted
redline
paladin
37.228.129.48:29795
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.