General
Target: 896fac4008c204c3f40d13312fa4d99d2033f59e75ef73d34c46fa0fba962fdc
Size: 414KB
Sample: 211020-1dj7rshfc4
MD5: 33b43639b1e169b23ead48d27114a103
SHA1: a296b2140d0f6fd2237101f52fd5cbbba890b4fe
SHA256: 896fac4008c204c3f40d13312fa4d99d2033f59e75ef73d34c46fa0fba962fdc
SHA512: 336e2520d8a344f1ac4ec427573d17932896c3bb9746850011f127182afa906b0ad77bd5b7d516954cb143cb7b4a324ebf7e7cfd27794e974f98d8066ffd9818

Static task: static1

Malware Config (extracted)
Family: redline
UTS
45.9.20.182:52236
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.