General
Target: 41401817a2be6b387587faa05c39f201bcd93e550e89e1f03e4a58061ad8a8e8
Size: 363KB
Sample: 211019-pchrrsgffp
MD5: c95af6be9448814ee841d8458e57f117
SHA1: 20249f040ea299c415fe13aab5975089ad958c4c
SHA256: 41401817a2be6b387587faa05c39f201bcd93e550e89e1f03e4a58061ad8a8e8
SHA512: be1f80791d7515d9f60d011d4b5747e2e34ef032a07d131f67d351246a7ecc69b1c6300fd7862ee515d83b399c04992c60b80dd67a777730c279ad7169137937
Static task: static1

Malware Config
Extracted: redline
UTS
45.9.20.182:52236
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.