General
Target: 76bb287210df68ff02e39ee1259373b513a58ae2d1ec31df6e30163f38f8e7fe
Size: 381KB
Sample: 211020-a11j6agdh6
MD5: b157dcdca6e833d317621a936f077b3c
SHA1: ff948fa42eff28692f299be4c7cd256bb8d81bce
SHA256: 76bb287210df68ff02e39ee1259373b513a58ae2d1ec31df6e30163f38f8e7fe
SHA512: 7ac8b9385311ea184eec132849c50db492ce565b4fed9eedf5d88674375b1e7d89785da7573f53bc62428e9db6a4db2c4b0d4838747f0fc45d939c7e02e0a81b
Static task: static1

Malware Config
Extracted: redline
UTS: 45.9.20.182:52236
Targets
Target: 76bb287210df68ff02e39ee1259373b513a58ae2d1ec31df6e30163f38f8e7fe
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting.

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.