General

Target: bfe4f238621fe4aff338743905fbcfe84c55ec1a862f419d425d16dd6e9f0138
Size: 363KB
Sample: 211019-m9tjesffh3
MD5: fccc3519ad86703a35a55906d2b21c45
SHA1: a96eebf5fd7a39b75c4bd1495764087121a038a4
SHA256: bfe4f238621fe4aff338743905fbcfe84c55ec1a862f419d425d16dd6e9f0138
SHA512: f0a38f766dcc28bdd173a7201e32364eac70285975683e00440c1155b213f090362386d0058802d9e7f87c464a45eb5268525089000e6d6199b485bf9f260af0
Static task: static1

Malware Config

Extracted family: redline
Botnet tag: UTS
C2: 45.9.20.182:52236
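The extracted configuration gives the one indicator worth acting on outside the sandbox: the C2 socket. The following is an added example (my code, not the sandbox's or the malware's) that turns the report's indicators into a retro-hunt over Zeek conn.log. The log excerpt is constructed for the example, not a real capture; the matcher reads Zeek's own #fields header so column order is not hard-coded, and it keys on host and port together because a RedLine config names a single listener and the same IP can serve unrelated traffic.

```python
"""Hunt for the report's indicators in Zeek conn.log and by file hash.
Added example for this report; the log lines below are constructed."""
import hashlib
from typing import Dict, List, Tuple

# Indicators taken from the report above.
C2_HOST = "45.9.20.182"
C2_PORT = 52236
SAMPLE_SHA256 = "bfe4f238621fe4aff338743905fbcfe84c55ec1a862f419d425d16dd6e9f0138"

# Constructed Zeek conn.log excerpt (tab-separated, trimmed to a few columns).
# Real logs carry more columns; the '#fields' header names whatever is present.
ZEEK_CONN_LOG = "\n".join([
    "#separator \\x09",
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tconn_state",
    "1634640000.1\tCabc1\t10.0.0.15\t49812\t45.9.20.182\t52236\ttcp\tSF",
    "1634640001.2\tCabc2\t10.0.0.22\t49913\t45.9.20.182\t443\ttcp\tS0",
    "1634640002.3\tCabc3\t10.0.0.15\t49814\t93.184.216.34\t443\ttcp\tSF",
    "1634640003.4\tCabc4\t10.0.0.31\t50000\t45.9.20.182\t52236\ttcp\tREJ",
])


def parse_zeek(text: str) -> List[Dict[str, str]]:
    """Parse Zeek TSV into dicts keyed by the names in the #fields header."""
    fields: List[str] = []
    rows: List[Dict[str, str]] = []
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line.startswith("#") or not line.strip():
            continue  # other metadata lines and blanks
        else:
            rows.append(dict(zip(fields, line.split("\t"))))
    return rows


def find_c2_connections(text: str, host: str = C2_HOST,
                        port: int = C2_PORT) -> List[Tuple[str, str, str]]:
    """Return (uid, source host, conn_state) for each flow to the C2 socket.

    Match on host AND port: the :443 row to the same IP is not a hit.
    A REJ/S0 state still counts, since a beacon attempt to a dead C2 is
    evidence of infection on the source host.
    """
    hits = []
    for row in parse_zeek(text):
        if row.get("id.resp_h") == host and row.get("id.resp_p") == str(port):
            hits.append((row["uid"], row["id.orig_h"], row["conn_state"]))
    return hits


def matches_sample(data: bytes) -> bool:
    """True if the bytes hash to the report's SHA256 (exact-match IOC only)."""
    return hashlib.sha256(data).hexdigest() == SAMPLE_SHA256


if __name__ == "__main__":
    for uid, src, state in find_c2_connections(ZEEK_CONN_LOG):
        print(f"{uid}: {src} -> {C2_HOST}:{C2_PORT} ({state})")
    print("constructed blob matches sample:", matches_sample(b"not the sample"))
```

Treat the hash as a single-sample indicator: RedLine builds are repacked per campaign, so a hash miss proves nothing, whereas a hit on the C2 socket from any internal host is a strong signal regardless of which build reached it.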
Targets

Target: bfe4f238621fe4aff338743905fbcfe84c55ec1a862f419d425d16dd6e9f0138
Size: 363KB
MD5, SHA1, SHA256, SHA512: identical to the submitted sample listed under General (the single analyzed target is the submitted file itself).
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart and the HKCU equivalent) to enumerate software on the system. Legitimate installers and inventory tools read the same keys, and registry reads are not logged by default (Sysmon records key and value writes, not reads), so treat this as a sandbox-side profiling behaviour rather than an endpoint detection; pivot on the C2 socket from the extracted configuration instead.