General
-
Target
49989277ef89edb0383d3bb0422822cde63db87ce197690fb4797547e02bf492
-
Size
382KB
-
Sample
211019-2sfcssgdf2
-
MD5
665ff901b165008676931690fe15d411
-
SHA1
3815552e27eaaae14d588930ab5e1b8c6355d3aa
-
SHA256
49989277ef89edb0383d3bb0422822cde63db87ce197690fb4797547e02bf492
-
SHA512
8a1a9941135b0759d156eab2fe9b4b1c0c4f48f0601abd5376402be072c55b8a9f06872a5a25a67c61b0b5de89943b8ac8fe8ac7ed26b9b944e62120d7783c12
Static task
static1
Malware Config
Extracted
redline
UTS
45.9.20.182:52236
Targets
-
-
Target
49989277ef89edb0383d3bb0422822cde63db87ce197690fb4797547e02bf492
-
Size
382KB
-
MD5
665ff901b165008676931690fe15d411
-
SHA1
3815552e27eaaae14d588930ab5e1b8c6355d3aa
-
SHA256
49989277ef89edb0383d3bb0422822cde63db87ce197690fb4797547e02bf492
-
SHA512
8a1a9941135b0759d156eab2fe9b4b1c0c4f48f0601abd5376402be072c55b8a9f06872a5a25a67c61b0b5de89943b8ac8fe8ac7ed26b9b944e62120d7783c12
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-