General
Target: de5635d42f03a3bc24329303792c640d993dccda9737b106aff9ef7b55e60498
Size: 364KB
Sample: 211019-pc4n8sgffr
MD5: 0aa1e62a1d99ce66aa458c4720cd3e2b
SHA1: f298d5168ba4cd5859809de358266efbab98c8c3
SHA256: de5635d42f03a3bc24329303792c640d993dccda9737b106aff9ef7b55e60498
SHA512: 821559b84de091b4f35bca4dcdbe2d79b3c3533b614921a90b74ae313118081f86aeab015a27e0607046b1817681568ef8143d8879f06afb4757fa5f2d8cc8f3
Static task: static1
Malware Config
Extracted: redline
PUB
45.9.20.182:52236
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.