General
Target: 7190c46f0a17aa5841b6627fd8e81bb83eaceea4e0ba774951fcd908cff68e5c
Size: 363KB
Sample: 211019-ln7cqafec2
MD5: 9d18ea39754a52acb9787a724c4515bb
SHA1: afec1d8e1cb47bb3ec2366e850abf56f714f226d
SHA256: 7190c46f0a17aa5841b6627fd8e81bb83eaceea4e0ba774951fcd908cff68e5c
SHA512: e43a70ab3a48c6f823bcdba3e54d375eadd7a7bec6606669f336a6fcefd2e32d8b7fa039686e8d1a70c2f57437a505532ba74ab60d3284e64ca46acdc195224f

Static task: static1

Malware Config
Extracted: redline
UDP: 45.9.20.182:52236

Targets
Target: 7190c46f0a17aa5841b6627fd8e81bb83eaceea4e0ba774951fcd908cff68e5c
Size: 363KB
MD5: 9d18ea39754a52acb9787a724c4515bb
SHA1: afec1d8e1cb47bb3ec2366e850abf56f714f226d
SHA256: 7190c46f0a17aa5841b6627fd8e81bb83eaceea4e0ba774951fcd908cff68e5c
SHA512: e43a70ab3a48c6f823bcdba3e54d375eadd7a7bec6606669f336a6fcefd2e32d8b7fa039686e8d1a70c2f57437a505532ba74ab60d3284e64ca46acdc195224f

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.