General
Target: cabb827f972630f6eda1bed7680632776741722fc12b260164a29ab9abd4a092
Size: 363KB
Sample: 211019-kypd8agdbn
MD5: 085e30bfb589c3535048ecebf4df2301
SHA1: 002dc50751e39b200abe84d40a8fc6ca3eeb0d99
SHA256: cabb827f972630f6eda1bed7680632776741722fc12b260164a29ab9abd4a092
SHA512: b42e315b9cdf0f5af23ae543cad019f90e7e0f87ce5ab2565ccc56585ea493aa5a28844968737f2b1dc2bf10af26e349786954599302a2cba58fe69820739803
Static task: static1

Malware Config
Extracted: redline
PUB
45.9.20.182:52236
Targets
Target: cabb827f972630f6eda1bed7680632776741722fc12b260164a29ab9abd4a092
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.