General
Target: e254b249a6834163c0bc8aa21a09f4cb353137c0d974ac70f3ad1aae42d89a80
Size: 415 KB
Sample: 211020-1sjjsaaedk
MD5: 74ffc8d2a95e8908341a1bcdfc6e0e7a
SHA1: fe21574436107b62348dc581ed474316ce701bb0
SHA256: e254b249a6834163c0bc8aa21a09f4cb353137c0d974ac70f3ad1aae42d89a80
SHA512: 43fa06eac069dd266c40c2fc100b775eb6f567738343d150a7da1c077ac5d67a5551dc7ce825815e5a89df2a12643f52e2838eb97c6b130cd23b6651c023f8c9
Static task: static1
Malware Config
Extracted family: redline
Botnet: PUB
C2: 45.9.20.182:52236
Targets
Target: e254b249a6834163c0bc8aa21a09f4cb353137c0d974ac70f3ad1aae42d89a80
Size: 415 KB
MD5: 74ffc8d2a95e8908341a1bcdfc6e0e7a
SHA1: fe21574436107b62348dc581ed474316ce701bb0
SHA256: e254b249a6834163c0bc8aa21a09f4cb353137c0d974ac70f3ad1aae42d89a80
SHA512: 43fa06eac069dd266c40c2fc100b775eb6f567738343d150a7da1c077ac5d67a5551dc7ce825815e5a89df2a12643f52e2838eb97c6b130cd23b6651c023f8c9
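An added example, not part of the sandbox report or of any Triage tooling: a small Python script that turns the indicators above (the four file digests and the extracted C2 endpoint) into a check a responder can run against a suspect file and against network logs. The firewall log lines and their key=value layout are constructed for this example, so the regex is an assumption to adapt to real telemetry.

```python
"""Match the RedLine indicators from the report above against a file and against log lines."""
import hashlib
import re
import sys

# Indicators copied from the sandbox report.
REPORT_HASHES = {
    "md5": "74ffc8d2a95e8908341a1bcdfc6e0e7a",
    "sha1": "fe21574436107b62348dc581ed474316ce701bb0",
    "sha256": "e254b249a6834163c0bc8aa21a09f4cb353137c0d974ac70f3ad1aae42d89a80",
    "sha512": "43fa06eac069dd266c40c2fc100b775eb6f567738343d150a7da1c077ac5d67a5551dc7ce825815e5a89df2a12643f52e2838eb97c6b130cd23b6651c023f8c9",
}
C2_HOST = "45.9.20.182"
C2_PORT = 52236


def digests_of_bytes(data):
    """MD5, SHA1, SHA256 and SHA512 of an in-memory buffer, keyed like REPORT_HASHES."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def file_digests(path):
    """Same four digests for a file, computed in a single chunked pass so large files are fine."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matches_report(digests):
    """Names of the digests that equal the report's values; an unrelated file yields []."""
    return [name for name, value in digests.items() if value == REPORT_HASHES[name]]


# Constructed firewall log lines (not real telemetry); the format is an assumption.
SAMPLE_LOG = """\
2021-10-20T14:03:11Z src=10.0.0.23 dst=45.9.20.182 dport=52236 proto=tcp action=allow
2021-10-20T14:03:12Z src=10.0.0.23 dst=142.250.74.78 dport=443 proto=tcp action=allow
2021-10-20T14:05:40Z src=10.0.0.57 dst=45.9.20.182 dport=443 proto=tcp action=allow
2021-10-20T14:06:02Z src=10.0.0.23 dst=45.9.20.182 dport=52236 proto=tcp action=deny
"""

LOG_RE = re.compile(r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+) ")


def find_c2_connections(log_text, host=C2_HOST, port=C2_PORT):
    """Return (timestamp, source, exact_port) for every line whose destination is the C2 host.

    A connection to the C2 IP on a different port is still returned, with exact_port=False,
    so the analyst sees it and decides rather than the script silently discarding it.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["dst"] != host:
            continue
        hits.append((m["ts"], m["src"], int(m["dport"]) == port))
    return hits


if __name__ == "__main__":
    # Usage: python redline_ioc.py [suspect_file]
    if len(sys.argv) > 1:
        found = matches_report(file_digests(sys.argv[1]))
        print(f"{sys.argv[1]}: matches report on {found or 'no digests'}")
    for ts, src, exact in find_c2_connections(SAMPLE_LOG):
        print(f"{ts} {src} -> {C2_HOST} ({'C2 port' if exact else 'other port'})")
```

The hash check only identifies this exact build; a repacked RedLine sample gets new digests, so the C2 endpoint is the more durable indicator of the two, and the log scan deliberately reports the same IP on other ports as a weaker hit rather than dropping it.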
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.