General

Target: 9b7c4934a7d229f63eb28cb99e42ce97f0b0ee1bb625d09e82081b0c2f1f72e3
Size: 364KB
Sample: 211019-t98fxahbbk
MD5: dee7d6fbaafed83e92d4dacc5ef4c869
SHA1: f3fb628757c69aeff6377f07a8b87219001972b5
SHA256: 9b7c4934a7d229f63eb28cb99e42ce97f0b0ee1bb625d09e82081b0c2f1f72e3
SHA512: 00700e8287eba342e82d04f7bf6fa4797f6ed52ee7a146060ffa4e562012851abd633b2f946d7b34a709b64a9c590d9cc95311928381f2c3621a43cc5799f2ec
Static task: static1

Malware Config

Extracted: redline
UTS: 45.9.20.182:52236
Targets

Target: 9b7c4934a7d229f63eb28cb99e42ce97f0b0ee1bb625d09e82081b0c2f1f72e3
Size: 364KB
MD5: dee7d6fbaafed83e92d4dacc5ef4c869
SHA1: f3fb628757c69aeff6377f07a8b87219001972b5
SHA256: 9b7c4934a7d229f63eb28cb99e42ce97f0b0ee1bb625d09e82081b0c2f1f72e3
SHA512: 00700e8287eba342e82d04f7bf6fa4797f6ed52ee7a146060ffa4e562012851abd633b2f946d7b34a709b64a9c590d9cc95311928381f2c3621a43cc5799f2ec
Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.