General
- Target: 206cd7c952b152246783fcd8ba1c63f0789a5959b646a5cec7cf016bf8e770c1
- Size: 336KB
- Sample: 211020-3pq6kahff4
- MD5: 05c41e4f4cbd22f049f925ae4107bda6
- SHA1: 17d35e76ff4cfa57f79c699bd5b8ae17ddc55213
- SHA256: 206cd7c952b152246783fcd8ba1c63f0789a5959b646a5cec7cf016bf8e770c1
- SHA512: 68e898b851fde3183010467dac331bcb18019110222b43c0869584cf66a48ee829c9b68bb88d19044141845cba585fef3dfe7a11ead65d6ddc1f7afb1713929d
Static task: static1
Malware Config
- Extracted: redline
- UTS: 45.9.20.182:52236
Targets
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.