General
Target: e64ff63cb54ce8ac793e7534a161dd9e81e0d7a0092c1b391d8a1ace10172d05
Size: 415KB
Sample: 211020-1chbsahfc2
MD5: e56f00972a51ea456baf0857b8b30017
SHA1: 9198f25c328b99d7b86e2b35ff491e86d7f86176
SHA256: e64ff63cb54ce8ac793e7534a161dd9e81e0d7a0092c1b391d8a1ace10172d05
SHA512: 9c3ae58c216189fe474a54fd4636983fd43a62f52e5856aac03352f5543a3d28cb1c13459abd0c0ad18bad69c6d95e1e00a0bf2f17a34e403be5850f9d86c166
Static task: static1

Malware Config (extracted)
Family: redline
Botnet: PUB
C2: 45.9.20.182:52236
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.