General
Target: a1484900470ab003ae61e404e5cca24ab4c6e7dae3670c96a5501dfd6d70d4f6
Size: 364KB
Sample: 211019-na5cbagfbp
MD5: abe03d36fda8d7c04ec29044850ca464
SHA1: 107256547b200a92c335fecfa1ed551039876bd3
SHA256: a1484900470ab003ae61e404e5cca24ab4c6e7dae3670c96a5501dfd6d70d4f6
SHA512: 4f27bc4d0ee9227a90abcdf6f71c80f7e27019c996f2e4d26509c758a496bc424c2368925f10feacda71b089a15a7c741705cb4b03914763aa382b0780883bb4
Static task: static1

Malware Config
Extracted family: redline
C2 (UDP): 45.9.20.182:52236
Targets
Target: a1484900470ab003ae61e404e5cca24ab4c6e7dae3670c96a5501dfd6d70d4f6
Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.