General
- Target: e311d5cc96eea510a40f91806e47ca8c2003ea2d828daf0833d42d067de3b09a
- Size: 415KB
- Sample: 211020-zmzhdaaeap
- MD5: 9fbadac43bac48d10fad3b4e9446275b
- SHA1: 36136bef8e6dd3d8fa57289d78e3e1ebb6c04f83
- SHA256: e311d5cc96eea510a40f91806e47ca8c2003ea2d828daf0833d42d067de3b09a
- SHA512: 8dcad8629b3c30d5617fc3da85e652072f51452345fd96a5b67c46701d1d66060350c9046a9258896d4e8d38a0d47d7eab2346e339f324a95d13998c2f986d58

Static task
- static1

Malware Config
- Extracted: redline
- UTS: 45.9.20.182:52236

Targets
- Target: e311d5cc96eea510a40f91806e47ca8c2003ea2d828daf0833d42d067de3b09a
- Size: 415KB
- MD5: 9fbadac43bac48d10fad3b4e9446275b
- SHA1: 36136bef8e6dd3d8fa57289d78e3e1ebb6c04f83
- SHA256: e311d5cc96eea510a40f91806e47ca8c2003ea2d828daf0833d42d067de3b09a
- SHA512: 8dcad8629b3c30d5617fc3da85e652072f51452345fd96a5b67c46701d1d66060350c9046a9258896d4e8d38a0d47d7eab2346e339f324a95d13998c2f986d58

Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.