General
Target: 801a0368948e73d44a941f7b87f823c5ff9e835e05f5e311008dfc225516d12b
Size: 364KB
Sample: 211019-n1k2csgfdr
MD5: 9c1f1c36c6aa8eb67b031b40f1229539
SHA1: 3d0812d63f5fa9129a5dcb5569d58bff6f273f81
SHA256: 801a0368948e73d44a941f7b87f823c5ff9e835e05f5e311008dfc225516d12b
SHA512: bb2cb4ae1f32de6ac70b266dbef1c8d5141a0b5da6b40e21e9ed8bf1defffc9ca5c591068f1d96db97e4935fbb02069e3d42f4297f89f40ca0268031794628a9

Static task: static1

Malware Config
Extracted: redline
UDP: 45.9.20.182:52236
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.