General
- Target: 371569c95dcb831b81552778bfa1673b5413bff8ac050e301be22b628c76ade3
- Size: 363KB
- Sample: 211019-mejqqsgehj
- MD5: 46d44c09c8aa1f9a0a938e30289f5c5d
- SHA1: 19da8bf53b4c81c8dcc0357757811975196ad597
- SHA256: 371569c95dcb831b81552778bfa1673b5413bff8ac050e301be22b628c76ade3
- SHA512: 00957484564027358c88f48c5b65631f3f3aac7f1c4df8f3b6ef1de56b5b46dbf26fd0e80220bdd8507cbc47401a8edd23d947fbc5ce82dc35fbf37d6e26632b
Static task: static1
Malware Config
Extracted
- Family: redline
- C2: 45.9.20.182:52236 (UDP)
Targets
- Target: 371569c95dcb831b81552778bfa1673b5413bff8ac050e301be22b628c76ade3
- Size: 363KB
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) to enumerate software on the system.
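The three behaviours the report flags (a connection to the extracted C2, access to cryptocurrency wallet files, and enumeration of the registry Uninstall keys) are the kind of thing a detection rule over sandbox or EDR telemetry would key on. The following is an added example written for this page, not code from the sandbox or from the report: a small Python triage routine that reads constructed `type|pid|image|target` event lines (invented here, not taken from the run) and maps them to those behaviours. The C2 address and port come from the report; the wallet path list, the event format and the enumeration threshold of three distinct Uninstall subkeys are assumptions.

```python
"""
Map constructed sandbox-style events to the behaviours this report flags:
  - network connection to the extracted RedLine C2 (45.9.20.182:52236)
  - access to cryptocurrency wallet files
  - enumeration of installed software via the registry Uninstall keys
The event lines and wallet patterns are constructed for illustration only.
"""
import re
from collections import defaultdict

# Extracted config from the report
C2_IP, C2_PORT = "45.9.20.182", 52236

# Uninstall keys in both the native and WOW6432Node views of HKLM\SOFTWARE
UNINSTALL_KEY_RE = re.compile(
    r"^HKLM\\SOFTWARE\\(WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)",
    re.IGNORECASE,
)

# Assumed wallet locations (Exodus, Electrum, Bitcoin Core, Ethereum keystore, Monero)
WALLET_RE = re.compile(
    r"(\\Exodus\\|\\Electrum\\|\\Bitcoin\\wallet\.dat|\\Ethereum\\keystore\\|\\Monero\\)",
    re.IGNORECASE,
)

# Assumed threshold: reading this many distinct Uninstall subkeys counts as enumeration,
# so a process that touches a single entry (e.g. an updater) is not flagged.
ENUM_THRESHOLD = 3


def parse_event(line):
    """Parse 'type|pid|image|target' into a dict; return None for malformed input."""
    parts = line.rstrip("\n").split("|", 3)
    if len(parts) != 4:
        return None
    etype, pid, image, target = parts
    if etype not in ("net", "file", "reg"):
        return None
    try:
        pid = int(pid)
    except ValueError:
        return None
    return {"type": etype, "pid": pid, "image": image, "target": target}


def analyse(lines):
    """Return {pid: {behaviour: evidence}} for every process that matched."""
    findings = defaultdict(dict)
    uninstall_keys = defaultdict(set)  # pid -> distinct Uninstall subkeys read
    for line in lines:
        ev = parse_event(line)
        if ev is None:
            continue  # skip garbage rather than abort the whole triage
        pid, target = ev["pid"], ev["target"]
        if ev["type"] == "net":
            host, _, port = target.rpartition(":")
            if host == C2_IP and port.isdigit() and int(port) == C2_PORT:
                findings[pid]["redline_c2"] = target
        elif ev["type"] == "file":
            if WALLET_RE.search(target):
                findings[pid].setdefault("wallet_access", []).append(target)
        elif ev["type"] == "reg":
            if UNINSTALL_KEY_RE.match(target):
                uninstall_keys[pid].add(target.lower())
    for pid, keys in uninstall_keys.items():
        if len(keys) >= ENUM_THRESHOLD:
            findings[pid]["software_enum"] = len(keys)
    return dict(findings)


# Constructed sample telemetry: one process behaving like the report, one benign
SAMPLE_IMG = "C:\\Users\\u\\Desktop\\371569c9.exe"
SVCHOST = "C:\\Windows\\System32\\svchost.exe"
SAMPLE_EVENTS = [
    f"net|4120|{SAMPLE_IMG}|45.9.20.182:52236",
    f"file|4120|{SAMPLE_IMG}|C:\\Users\\u\\AppData\\Roaming\\Exodus\\exodus.wallet\\seed.seco",
    f"file|4120|{SAMPLE_IMG}|C:\\Users\\u\\AppData\\Roaming\\Electrum\\wallets\\default_wallet",
    f"reg|4120|{SAMPLE_IMG}|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{{AC76BA86-0000-0000-0000-000000000000}}",
    f"reg|4120|{SAMPLE_IMG}|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip",
    f"reg|4120|{SAMPLE_IMG}|HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Google Chrome",
    f"reg|4120|{SAMPLE_IMG}|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",
    f"reg|880|{SVCHOST}|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip",
    f"net|880|{SVCHOST}|45.9.20.182:443",
    "garbage line",
]

if __name__ == "__main__":
    for pid, hits in analyse(SAMPLE_EVENTS).items():
        print(pid, hits)
```

Only the process that both contacts the exact C2 endpoint and reads several Uninstall subkeys is reported; a single Uninstall lookup or a connection to the same IP on a different port does not trigger on its own, which keeps the rule from firing on installers and updaters that legitimately read one entry.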