General

Target: 45a4bccde7042725cce0a7b1a2b5d2f7fd5145b77d59a155570cd751bb7cba76
Size: 336KB
Sample: 211021-af5ndaaehp
MD5: fb8d3941266a70373470bdc928ff0d5f
SHA1: 1ece8dfbae97f87af15429f5200ba390331f5007
SHA256: 45a4bccde7042725cce0a7b1a2b5d2f7fd5145b77d59a155570cd751bb7cba76
SHA512: e4f47b146fe07221aa6238e9ae9f502db41ee3e21a64f0e792c856e2a91a924db1e2d54fee08a0dd14531ca63fa743cb90a3cb3b3f1dba6d8c07fc9e0896a4ea
Static task: static1
Malware Config

Extracted
Family: redline
Botnet: PUB
C2: 45.9.20.182:52236
Targets

Target: 45a4bccde7042725cce0a7b1a2b5d2f7fd5145b77d59a155570cd751bb7cba76 (the same 336KB file as under General; MD5, SHA1, SHA256 and SHA512 as listed there)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart and the per-user HKCU copy) to enumerate software on the system. Note that this is a registry read: Sysmon's registry events (IDs 12, 13 and 14) cover key/value creation, deletion, value writes and renames only, so the lookup appears in host telemetry only under object-access auditing (Security event 4663 on a SACL'd key) or an EDR that records reads. Inventory agents and installers read these keys routinely, so the behaviour is context for the hash and C2 indicators rather than a detection on its own.
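As an added example (not part of the sandbox report), the following Python turns the report's indicators into a small correlation rule: the file hashes and the extracted C2 (45.9.20.182:52236) are strong signals, while the Uninstall-key enumeration is attached as context only. The telemetry events, field names, process ids and the benign inventory agent are constructed for the example; the registry_access event shape assumes a source that logs registry reads (object-access auditing or an EDR), which Sysmon does not provide.

```python
import re
from collections import defaultdict

# Indicators copied from the report above; these are the only real values here.
SAMPLE_SHA256 = "45a4bccde7042725cce0a7b1a2b5d2f7fd5145b77d59a155570cd751bb7cba76"
SAMPLE_MD5 = "fb8d3941266a70373470bdc928ff0d5f"
C2_IP = "45.9.20.182"
C2_PORT = 52236

# The Uninstall key lives under HKLM, HKCU and (for 32-bit apps on 64-bit
# Windows) WOW6432Node; all three paths end in the same suffix.
UNINSTALL_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.IGNORECASE
)

# Constructed telemetry for the example (field names and pids are invented).
# The registry_access shape assumes a source that logs *reads*, e.g. Security
# event 4663 with a SACL on the Uninstall key; Sysmon does not record reads.
EVENTS = [
    {"type": "process_create", "pid": 4412,
     "image": r"C:\Users\victim\AppData\Local\Temp\build.exe",
     "sha256": SAMPLE_SHA256, "md5": SAMPLE_MD5},
    {"type": "registry_access", "pid": 4412,
     "object": r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip",
     "access": "Query key value"},
    {"type": "network_connect", "pid": 4412,
     "dst_ip": "45.9.20.182", "dst_port": 52236, "proto": "tcp"},
    # A (hypothetical) benign inventory agent also walks the Uninstall keys.
    {"type": "process_create", "pid": 980,
     "image": r"C:\Program Files\InventoryAgent\agent.exe",
     "sha256": "0" * 64, "md5": "0" * 32},
    {"type": "registry_access", "pid": 980,
     "object": r"\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++",
     "access": "Query key value"},
    {"type": "network_connect", "pid": 980,
     "dst_ip": "192.0.2.10", "dst_port": 443, "proto": "tcp"},
]

STRONG = {"hash_match", "c2_connect"}   # sufficient on their own
WEAK = {"uninstall_enum"}               # context only; noisy by itself


def tag_event(event):
    """Return the set of indicator tags that one telemetry event matches."""
    tags = set()
    kind = event.get("type")
    if kind == "process_create":
        if (event.get("sha256", "").lower() == SAMPLE_SHA256
                or event.get("md5", "").lower() == SAMPLE_MD5):
            tags.add("hash_match")
    elif kind == "network_connect":
        if event.get("dst_ip") == C2_IP and int(event.get("dst_port", 0)) == C2_PORT:
            tags.add("c2_connect")
    elif kind == "registry_access":
        if UNINSTALL_KEY_RE.search(event.get("object", "")):
            tags.add("uninstall_enum")
    return tags


def correlate(events):
    """Union the tags of all events per process id."""
    by_pid = defaultdict(set)
    for ev in events:
        by_pid[ev["pid"]] |= tag_event(ev)
    return dict(by_pid)


def alerts(events):
    """One alert per process carrying at least one strong indicator.
    Weak tags ride along as context but never trigger an alert alone."""
    images = {ev["pid"]: ev["image"] for ev in events if ev["type"] == "process_create"}
    out = []
    for pid, tags in sorted(correlate(events).items()):
        if tags & STRONG:
            out.append({"pid": pid, "image": images.get(pid),
                        "tags": sorted(tags), "context_only": sorted(tags & WEAK)})
    return out


if __name__ == "__main__":
    for a in alerts(EVENTS):
        print(f"ALERT pid={a['pid']} image={a['image']} tags={a['tags']}")
```

Run as-is it alerts only on pid 4412; the inventory agent (pid 980) matches the Uninstall-key regex but has neither the hash nor the C2 connection, so it is recorded and not alerted. The port check is deliberate: an IP that later hosts something else is a weaker indicator than the IP and port pair the config extractor recovered.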