General
Target: 4987bb01ce72f3f71870c04598412da9038d602b2fe655033d32b1d7061fd993
Size: 337KB
Sample: 211021-am7fjshfg8
MD5: 281a18ac516786123a4adafa4f933a54
SHA1: a115555a4f83f98e017bf07b40f7552b0027649a
SHA256: 4987bb01ce72f3f71870c04598412da9038d602b2fe655033d32b1d7061fd993
SHA512: f0f8df4009fd41282a035ee9c3a406459b0c17c456866b5e67588190b3ce4ddf7540eda3586ac334967fa4f1cb19e599cdf5bdf1a0b0ff2a0282d3d019c0896e
Static task: static1

Malware Config
Extracted: redline
UDP: 45.9.20.182:52236
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting.
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.