General
Target: 6d3a636af6b2025544e60dbf701297fb7e7128c6faf8ee5cd8bcf04a96b6a205
Size: 337KB
Sample: 211019-1py53agde2
MD5: 95fa0a7b2239745fd1671b5f7838016a
SHA1: 7db502826d7ed9216859c70c34e4a3b13822dcb6
SHA256: 6d3a636af6b2025544e60dbf701297fb7e7128c6faf8ee5cd8bcf04a96b6a205
SHA512: 2a2cf3db3815cf02f2de05970eaa17313bef687862f6a9648f0fe431fbb862561aa7ebee11ac5a7a7b40fe0063e205e5a7ac50190f5ea33851d161aa2ff1570a
Static task: static1
Malware Config
Extracted: redline
UDP: 45.9.20.182:52236
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.