General
Target: ab8bb54bd8a028c845dff95aaabafa49b4d672d2c1af1b4a988f914c5b94ed3b
Size: 337KB
Sample: 211020-2et9ssaeej
MD5: 7867044eafc27cb69972929779cd18c2
SHA1: 62a2e8883b49988944aa44dc37a8da9c9b99b0e4
SHA256: ab8bb54bd8a028c845dff95aaabafa49b4d672d2c1af1b4a988f914c5b94ed3b
SHA512: 2b9f96eed4bd25a1314da4934853e08018b43939d13a39997f11ec4d8aeb199443b443b4b63205d81610a2841a09f2eb49328a1b538ef3ad7f0624b6c9e100f4
Static task: static1

Malware Config
Extracted: redline
UDP: 45.9.20.182:52236
Targets
Target: ab8bb54bd8a028c845dff95aaabafa49b4d672d2c1af1b4a988f914c5b94ed3b
Size: 337KB
MD5: 7867044eafc27cb69972929779cd18c2
SHA1: 62a2e8883b49988944aa44dc37a8da9c9b99b0e4
SHA256: ab8bb54bd8a028c845dff95aaabafa49b4d672d2c1af1b4a988f914c5b94ed3b
SHA512: 2b9f96eed4bd25a1314da4934853e08018b43939d13a39997f11ec4d8aeb199443b443b4b63205d81610a2841a09f2eb49328a1b538ef3ad7f0624b6c9e100f4

RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.