General
- Target: 26dbbe08897d02ba4a2e91bdcc19fef3ddc811f59593473871e088defc3ba511
- Size: 415KB
- Sample: 211020-yehzzshef3
- MD5: b499c5d032cf8a82bf08365efc048172
- SHA1: c59ed1e89ea56b8731dca0cbd417dd3ee7b8fd0d
- SHA256: 26dbbe08897d02ba4a2e91bdcc19fef3ddc811f59593473871e088defc3ba511
- SHA512: e76026fb8a2d771ecd1d85656e45112117617d535a017602d70deeea0d646683dbf5439d900e02ce3cdd3fe82ada4c21639fb0a33832825ef08d2feb3346eb53
Static task
- static1

Malware Config
- Extracted: redline
- UDP: 45.9.20.182:52236
RedLine
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.