General
- Target: efee4a878c259d84e52a55bbe26b1d40dcce4ed075e0a0a63608f409d7ffd7f2
- Size: 390KB
- Sample: 211016-agg9gabfa7
- MD5: 97cb48bae49704a25f6cf6ee44b92e87
- SHA1: 6ef9acc3fba2d20c9798142e38f0b67cf904f252
- SHA256: efee4a878c259d84e52a55bbe26b1d40dcce4ed075e0a0a63608f409d7ffd7f2
- SHA512: 920fb19a6cca43527dbce30e36de56e8fb694545cf3eebb366aa6bc6f549732b41cf386c0d96036baf377de6ad6dae54161e32035c06c73ab9cbf1ddea7c7287
Static task
- static1

Malware Config (extracted)
- Family: redline
- Botnet: paladin
- C2: 37.228.129.48:29795
Targets
- Target: efee4a878c259d84e52a55bbe26b1d40dcce4ed075e0a0a63608f409d7ffd7f2 (390KB; hashes as listed under General)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.