General
-
Target
44222229edc69632d819df7c8e48a19f787a0635b7b64aae909e6756a85cdc37
-
Size
364KB
-
Sample
211019-kymwdsfea5
-
MD5
ed4d18faae9c766b0a81fa589224d8a7
-
SHA1
c390452a29e0d7735ad07cb98f31edc9e329aed1
-
SHA256
44222229edc69632d819df7c8e48a19f787a0635b7b64aae909e6756a85cdc37
-
SHA512
3132e48effaa368ecbb419f72f6d4a0a6483524aecef7162358fc538fa0d5dcc732c9c4b53ee9c0d6a4c183abb1ffe03d4cc0cf34c000bd60df6492cf8ec655b
Static task
static1
Malware Config
Extracted
redline
UTS
45.9.20.182:52236
Targets
-
-
Target
44222229edc69632d819df7c8e48a19f787a0635b7b64aae909e6756a85cdc37
-
Size
364KB
-
MD5
ed4d18faae9c766b0a81fa589224d8a7
-
SHA1
c390452a29e0d7735ad07cb98f31edc9e329aed1
-
SHA256
44222229edc69632d819df7c8e48a19f787a0635b7b64aae909e6756a85cdc37
-
SHA512
3132e48effaa368ecbb419f72f6d4a0a6483524aecef7162358fc538fa0d5dcc732c9c4b53ee9c0d6a4c183abb1ffe03d4cc0cf34c000bd60df6492cf8ec655b
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-