General
- Target: 58402389a4fa4526504e6fc3bd87c4a1d6bd087323cd2e0f468361bd4a846194
- Size: 364KB
- Sample: 211019-qeqqtsfha8
- MD5: 375cff77aac6d54d837cc3803d3c2c99
- SHA1: bc31b73bb7df54dfac60c7b6baaf1b191e42989f
- SHA256: 58402389a4fa4526504e6fc3bd87c4a1d6bd087323cd2e0f468361bd4a846194
- SHA512: 7f8896ed92e3883f4f5296407116b583ba1d7ef1d09169d684024efd3a8d52d5281b33a24583ae0088fa9eba10a8110f4a4fe5e19fee3b632f1d8c3abeff614c
Static task
static1
Malware Config
Extracted
redline
PUB
45.9.20.182:52236
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.