General
-
Target
c293aa5eae5de125e19b8206e1d1f3eeffd921baad20f04a7038f5a4d2e45f0f
-
Size
363KB
-
Sample
211019-tgjbbagbd7
-
MD5
c3836b408be2973983951d1eb06985e3
-
SHA1
ef6ee3714f97e7d2d2fc31bff2ab06de60ebbb29
-
SHA256
c293aa5eae5de125e19b8206e1d1f3eeffd921baad20f04a7038f5a4d2e45f0f
-
SHA512
9d5f458643bd5749c0dd0282ce0c997d8a0d9b02704f17e414dce2567194084b6fda833a2e160572580a8052240f45c529f260f4b70fdee9a07028491bd041e1
Static task
static1
Malware Config
Extracted
redline
UTS
45.9.20.182:52236
Targets
-
-
Target
c293aa5eae5de125e19b8206e1d1f3eeffd921baad20f04a7038f5a4d2e45f0f
-
Size
363KB
-
MD5
c3836b408be2973983951d1eb06985e3
-
SHA1
ef6ee3714f97e7d2d2fc31bff2ab06de60ebbb29
-
SHA256
c293aa5eae5de125e19b8206e1d1f3eeffd921baad20f04a7038f5a4d2e45f0f
-
SHA512
9d5f458643bd5749c0dd0282ce0c997d8a0d9b02704f17e414dce2567194084b6fda833a2e160572580a8052240f45c529f260f4b70fdee9a07028491bd041e1
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-