General
-
Target
6a6b5b184dc1ded70da571aa8b2675e8dab3b7a13f5d1270f7b4a3e76c1b3607
-
Size
369KB
-
Sample
211016-d3j7qsbff6
-
MD5
74d4eb4611f0f13497e18e5564d0f7cb
-
SHA1
9397cf71a68613f4184836952f55fcdef78df1a6
-
SHA256
6a6b5b184dc1ded70da571aa8b2675e8dab3b7a13f5d1270f7b4a3e76c1b3607
-
SHA512
cb2d12edd0aae67d09658b519a00737b13bda036d9bb0dd3153e78591375c1ca4570139c8caba430a1de78d671ddfc94d1a96e5b6a2e8428e15148837bfebc06
Static task
static1
Malware Config
Extracted
redline
UDP
45.9.20.182:52236
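The extracted C2 endpoint above and the file hashes in the General section are the actionable part of this report. The script below is an added example, not part of the sandbox output or of RedLine itself: it computes the same four digests the report lists so a file on disk can be compared with all of them, parses the C2 endpoint, scans log lines for connections to it, and emits a Suricata rule for it. The flow-log line format, the `SAMPLE_LOG` contents, the rule `sid` and the use of the `ip` protocol in the rule are assumptions chosen for illustration; only the hash values and the endpoint are taken from the report.

```python
"""IOC checks for the RedLine sample in this report (added example, not report code)."""
import hashlib
import ipaddress
import re
from typing import Dict, Iterable, List, Tuple

# Digests copied from the General section of the report.
SAMPLE_HASHES: Dict[str, str] = {
    "md5": "74d4eb4611f0f13497e18e5564d0f7cb",
    "sha1": "9397cf71a68613f4184836952f55fcdef78df1a6",
    "sha256": "6a6b5b184dc1ded70da571aa8b2675e8dab3b7a13f5d1270f7b4a3e76c1b3607",
    "sha512": "cb2d12edd0aae67d09658b519a00737b13bda036d9bb0dd3153e78591375c1ca"
              "4570139c8caba430a1de78d671ddfc94d1a96e5b6a2e8428e15148837bfebc06",
}

# C2 endpoint copied from the extracted RedLine config.
C2_ENDPOINT = "45.9.20.182:52236"

# Constructed flow-log lines (assumed format, not real traffic). Only the
# third line goes to the C2 endpoint; the fourth hits the same host on a
# different port and is deliberately not matched by the strict check.
SAMPLE_LOG = [
    "2021-10-16T09:12:41Z ALLOW TCP 10.0.0.5:51310 -> 142.250.74.78:443",
    "2021-10-16T09:12:43Z ALLOW UDP 10.0.0.5:53012 -> 10.0.0.1:53",
    "2021-10-16T09:12:44Z ALLOW TCP 10.0.0.5:51322 -> 45.9.20.182:52236",
    "2021-10-16T09:12:45Z ALLOW TCP 10.0.0.5:51323 -> 45.9.20.182:80",
]

LOG_RE = re.compile(r"(?P<proto>TCP|UDP)\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+)$")


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Compute the four digests the report publishes for a file's bytes."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def match_hashes(data: bytes, known: Dict[str, str] = SAMPLE_HASHES) -> List[str]:
    """Names of the digests that match the known set (case-insensitive).

    A full match on all four confirms the file is this sample. A partial
    match (e.g. md5 only) points to a copy error in the IOC set rather
    than a verdict and should be investigated, not auto-blocked.
    """
    computed = hash_bytes(data)
    return [name for name, value in known.items() if computed[name] == value.lower()]


def parse_endpoint(endpoint: str) -> Tuple[str, int]:
    """Split 'host:port' into (host, port), rejecting malformed input."""
    host, sep, port = endpoint.rpartition(":")
    if not sep:
        raise ValueError(f"missing port in endpoint {endpoint!r}")
    ipaddress.ip_address(host)  # raises ValueError on a non-IP host
    port_no = int(port)
    if not 0 < port_no < 65536:
        raise ValueError(f"port out of range in endpoint {endpoint!r}")
    return host, port_no


def find_c2_connections(lines: Iterable[str], endpoint: str = C2_ENDPOINT,
                        any_port: bool = False) -> List[str]:
    """Return log lines whose destination is the C2 endpoint.

    With any_port=True the port is ignored, which is the looser hunt a
    responder runs when the operator may have rotated the listener port.
    """
    host, port = parse_endpoint(endpoint)
    hits: List[str] = []
    for raw in lines:
        line = raw.strip()
        m = LOG_RE.search(line)
        if not m:
            continue  # unparseable line: skip rather than guess
        try:
            dst_host, dst_port = parse_endpoint(m.group("dst"))
        except ValueError:
            continue
        if dst_host == host and (any_port or dst_port == port):
            hits.append(line)
    return hits


def suricata_rule(endpoint: str = C2_ENDPOINT, sid: int = 1000001) -> str:
    """Build a Suricata rule for the C2 endpoint (sid and 'ip' proto are assumptions)."""
    host, port = parse_endpoint(endpoint)
    return (f'alert ip $HOME_NET any -> {host} {port} '
            f'(msg:"RedLine Stealer C2 {host}:{port}"; sid:{sid}; rev:1;)')


if __name__ == "__main__":
    for hit in find_c2_connections(SAMPLE_LOG):
        print("C2 connection:", hit)
    print(suricata_rule())
```

Run it against real data by replacing `SAMPLE_LOG` with lines from your flow logs and feeding file bytes to `match_hashes`; the strict port match is the default because the report gives a specific port, and `any_port=True` is the fallback hunt when only the host IOC is trusted.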
Targets
-
Target
6a6b5b184dc1ded70da571aa8b2675e8dab3b7a13f5d1270f7b4a3e76c1b3607
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency wallet files; possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-