General
Target: b0499a51859335b2d0d3f01e818a4427df930de8e70c8112d84bf2f8d2c3572e
Size: 415KB
Sample: 211020-13r9nshfd4
MD5: 390f455cfa23b1674855b594ad02913e
SHA1: 371e6c49c5fd423db7db0cdee9bb2c36f9c7e168
SHA256: b0499a51859335b2d0d3f01e818a4427df930de8e70c8112d84bf2f8d2c3572e
SHA512: 746d59523eb1c2906ddcfdf2bb72148675cb86afe87aa6d91f6b79ddabca608b5669fee1d8258656ffed203901938a987a101aef25a0b7645d3c7f66a82b645a
Static task: static1
Malware Config
Extracted: redline
UTS
45.9.20.182:52236
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.