General
Target: beee867fa2178301d6b192334e40d40d514bbf7c3b17a73ec79e4e2312219b84
Size: 364KB
Sample: 211019-rt5nzaghdm
MD5: d70f1b062b3816d1375aa09e027e7c09
SHA1: 7f3ccfcc04d5ae45a1ddcacec8ffa36f9fe63b4a
SHA256: beee867fa2178301d6b192334e40d40d514bbf7c3b17a73ec79e4e2312219b84
SHA512: 5ed8a422361f2e3a0474cb51f7e3cdde3911ffafbfb6fe1a5f22979c8d0475df803f6c67c0c3b580c62bb807a6d51e9e8a90c88ebcd7f6aaa3aa94e9947e2abd
Static task: static1
Malware Config
Extracted family: redline
Botnet ID: PUB
C2: 45.9.20.182:52236
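The extracted configuration is the most directly actionable part of this report: a family name, a botnet identifier and a C2 endpoint. Below is an added example (not part of the sandbox report and not RedLine tooling) that parses those three config lines, emits a Suricata rule for the C2 endpoint and hunts for the endpoint in a connection log. The log rows are constructed in Zeek conn.log column order (ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto) and the Suricata sid is a placeholder; both are assumptions, not data from the report.

```python
"""Turn an extracted RedLine config (family, botnet id, C2 host:port) into
detection content. Added example; the conn log below is constructed."""
from dataclasses import dataclass
import ipaddress

# The three extracted-config lines exactly as the report lists them.
REPORT_CONFIG = ["redline", "PUB", "45.9.20.182:52236"]


@dataclass(frozen=True)
class RedLineConfig:
    family: str
    botnet: str
    c2_host: str
    c2_port: int


def parse_config(lines):
    """Parse the extracted-config lines; rejects non-IP hosts and bad ports."""
    family, botnet, c2 = [line.strip() for line in lines]
    host, _, port = c2.rpartition(":")
    ipaddress.ip_address(host)          # ValueError if not an IP literal
    port = int(port)
    if not 0 < port < 65536:
        raise ValueError("port out of range: %d" % port)
    return RedLineConfig(family, botnet, host, port)


def suricata_rule(cfg, sid=9000001):
    """Alert on established client traffic to the C2 endpoint.
    sid is a placeholder; use one from your local rule range."""
    return ('alert tcp $HOME_NET any -> %s %d (msg:"%s C2 (botnet %s)"; '
            'flow:to_server,established; sid:%d; rev:1;)'
            % (cfg.c2_host, cfg.c2_port, cfg.family.capitalize(),
               cfg.botnet, sid))


# Constructed Zeek-style conn.log rows (tab-separated):
# ts  uid  id.orig_h  id.orig_p  id.resp_h  id.resp_p  proto
CONN_LOG = """\
1634650001.12\tCabc1\t10.0.0.21\t51512\t142.250.74.36\t443\ttcp
1634650003.40\tCabc2\t10.0.0.21\t51520\t45.9.20.182\t52236\ttcp
1634650004.01\tCabc3\t10.0.0.33\t49201\t45.9.20.182\t80\ttcp
1634650009.77\tCabc4\t10.0.0.21\t51530\t45.9.20.182\t52236\ttcp
"""


def find_c2_connections(cfg, log_text, any_port=False):
    """Return (src_host, src_port, ts) for flows to the C2 host:port.
    any_port=True widens the hunt to any port on the C2 host, which is
    worth doing because stealer operators rotate ports more often than IPs."""
    hits = []
    for row in log_text.splitlines():
        if not row or row.startswith("#"):
            continue
        ts, _uid, src, sport, dst, dport, _proto = row.split("\t")
        if dst == cfg.c2_host and (any_port or int(dport) == cfg.c2_port):
            hits.append((src, int(sport), float(ts)))
    return hits


if __name__ == "__main__":
    cfg = parse_config(REPORT_CONFIG)
    print(suricata_rule(cfg))
    for src, sport, ts in find_c2_connections(cfg, CONN_LOG):
        print("C2 contact from %s:%d at %.2f" % (src, sport, ts))
```

Exact host:port matching gives the two hits from 10.0.0.21; the third row (same host, port 80) is only caught with `any_port=True`, which is the trade-off to make consciously when the C2 address is a rented VPS that may host other services.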
Targets
Target: beee867fa2178301d6b192334e40d40d514bbf7c3b17a73ec79e4e2312219b84 (364KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020.
Signatures
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up entries under the registry Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node view and the HKCU counterpart) to enumerate installed software, which RedLine includes in the host profile it sends alongside harvested data.
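The "checks installed software" signature fires on registry reads, which Sysmon does not record (its registry events cover key creation, value writes and renames), so this behaviour is visible in a sandbox API trace or ETW registry data rather than in the usual endpoint logs. The following added example (not part of the report, not sandbox code) runs that detection over a constructed API trace: a process is flagged when it enumerates the Uninstall root or touches at least a threshold number of distinct product subkeys. The trace format (pid, process, API, key path, tab-separated) and the product names are assumptions made for the example.

```python
"""Flag processes that enumerate the Windows Uninstall registry key.
Added example; the API trace below is constructed, not a real sandbox export."""
import re
from collections import defaultdict

# Root key read by software-inventory code; matches the 64-bit view,
# the WOW6432Node view and the per-user key, with either hive spelling.
_UNINSTALL_RE = re.compile(
    r"^(?:HKEY_LOCAL_MACHINE|HKLM|HKEY_CURRENT_USER|HKCU)\\SOFTWARE\\"
    r"(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall"
    r"(?:\\([^\\]+)(?:\\.*)?)?$",      # group 1 = product subkey, if any
    re.IGNORECASE,
)

HKLM_UNINSTALL = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"

# Constructed trace rows: pid, process, API, key path (tab-separated).
# sample.exe walks the Uninstall tree; msiexec.exe touches one product key;
# explorer.exe reads an unrelated key. The GUID subkey is made up.
TRACE = "\n".join("\t".join(map(str, row)) for row in [
    (4120, "sample.exe", "RegOpenKeyExW", HKLM_UNINSTALL),
    (4120, "sample.exe", "RegEnumKeyExW", HKLM_UNINSTALL),
    (4120, "sample.exe", "RegOpenKeyExW", HKLM_UNINSTALL + r"\7-Zip"),
    (4120, "sample.exe", "RegQueryValueExW", HKLM_UNINSTALL + r"\7-Zip\DisplayName"),
    (4120, "sample.exe", "RegOpenKeyExW", HKLM_UNINSTALL + r"\Google Chrome"),
    (4120, "sample.exe", "RegQueryValueExW", HKLM_UNINSTALL + r"\Google Chrome\DisplayVersion"),
    (4120, "sample.exe", "RegOpenKeyExW",
     HKLM_UNINSTALL + r"\{F1A2B3C4-0000-1111-2222-333344445555}"),
    (5008, "msiexec.exe", "RegOpenKeyExW", HKLM_UNINSTALL + r"\7-Zip"),
    (3300, "explorer.exe", "RegOpenKeyExW",
     r"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer"),
])


def parse_trace(text):
    """Yield (pid, process, api, key_path) from the tab-separated trace."""
    for line in text.splitlines():
        if not line.strip():
            continue
        pid, proc, api, path = line.split("\t", 3)
        yield int(pid), proc, api, path


def uninstall_enumerators(text, min_subkeys=3):
    """Return {(pid, process): sorted product subkeys} for processes that
    enumerate the Uninstall key: a RegEnumKey* call on the root, or at
    least min_subkeys distinct product subkeys opened or queried."""
    touched = defaultdict(set)
    enum_root = set()
    for pid, proc, api, path in parse_trace(text):
        m = _UNINSTALL_RE.match(path)
        if not m:
            continue
        if m.group(1) is None:
            if api.startswith("RegEnumKey"):
                enum_root.add((pid, proc))
        else:
            touched[(pid, proc)].add(m.group(1))
    flagged = {}
    for key in set(touched) | enum_root:
        subkeys = touched.get(key, set())
        if key in enum_root or len(subkeys) >= min_subkeys:
            flagged[key] = sorted(subkeys)
    return flagged


if __name__ == "__main__":
    for (pid, proc), subkeys in sorted(uninstall_enumerators(TRACE).items()):
        print("%s (pid %d) enumerated %d product keys: %s"
              % (proc, pid, len(subkeys), ", ".join(subkeys)))
```

Only sample.exe is flagged at the default threshold; msiexec.exe, which legitimately opens a single product key, is not. Inventory agents and installers read this tree all the time, so treat the hit as a weak indicator to be scored together with the other signatures in this report (the RedLine payload match and the wallet-file access), not as a stand-alone alert.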