General
Target: 839c528efbfc353aa8dc1f51b2a502cf3ba68d1c71ff5b1e6fbc9a490e254ce8
Size: 381KB
Sample: 211019-2s27kahdal
MD5: 5611023880fc12bf983c349ab34ddc4b
SHA1: 4da1c929678f4028a09aa3ee832de82868f117e6
SHA256: 839c528efbfc353aa8dc1f51b2a502cf3ba68d1c71ff5b1e6fbc9a490e254ce8
SHA512: 4117e65102959aa411c23614c3c8e04633721dfa2e42ac9d12b82f416462580bf30cd8c05bc97d26ec87ac2141c2f2395506e346a69a27805240ad2ef64ebc33
Static task: static1

Malware Config
Extracted family: redline
C2 (UDP): 45.9.20.182:52236
Targets
Target: 839c528efbfc353aa8dc1f51b2a502cf3ba68d1c71ff5b1e6fbc9a490e254ce8 (381KB; MD5, SHA1, SHA256 and SHA512 identical to the General section above)
Signatures
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.