General
Target: 7f6fc95590f93055956de7488fae0c6255e16d68887320efdd288f0d9f35fe4e
Size: 382KB
Sample: 211020-am4pnagdh2
MD5: 3a0d99d41fa06a2ef03594466efc783c
SHA1: 7f9cc1be082ba5f4b826c5df2229caf49f0c9d14
SHA256: 7f6fc95590f93055956de7488fae0c6255e16d68887320efdd288f0d9f35fe4e
SHA512: d176c91fe3c1d9d1661fb60c91c2b2f9c6d34d0f2c53167cbbeea5404c66924684968bf57e3d80c5307f3a347958afea024fc8539678108f85659e8c212f96dc
Static task: static1

Malware Config
Extracted: redline
UDP: 45.9.20.182:52236
Targets
Target: 7f6fc95590f93055956de7488fae0c6255e16d68887320efdd288f0d9f35fe4e
Size: 382KB
MD5: 3a0d99d41fa06a2ef03594466efc783c
SHA1: 7f9cc1be082ba5f4b826c5df2229caf49f0c9d14
SHA256: 7f6fc95590f93055956de7488fae0c6255e16d68887320efdd288f0d9f35fe4e
SHA512: d176c91fe3c1d9d1661fb60c91c2b2f9c6d34d0f2c53167cbbeea5404c66924684968bf57e3d80c5307f3a347958afea024fc8539678108f85659e8c212f96dc
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.