General
Target: 5ef7eda044eb6cb797cf79486f8a8717a2ecde4a593d77389b1e636cbd925ddc
Size: 363KB
Sample: 211019-t671zahbaq
MD5: 28b52ffcc8cbe116e62b7afdb1355de1
SHA1: fd5b9255236129678eea3b94b8a150fa7e321ef7
SHA256: 5ef7eda044eb6cb797cf79486f8a8717a2ecde4a593d77389b1e636cbd925ddc
SHA512: b6cdb1b06304c98cfdfd53fc10dd667dc584641f4c4eae6fce92b89660abb6817b9e5a06b9c5cfbe44a04e36f93258368cc717ecc1f2dddac21cf808ea979884
Static task: static1

Malware Config
Extracted: redline
PUB
45.9.20.182:52236
Targets
Target: 5ef7eda044eb6cb797cf79486f8a8717a2ecde4a593d77389b1e636cbd925ddc
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.