General
- Target: 76a8570515a8173c42df20d6de47f5b805f4d25eeb3dd0224ed96263021a8b09
- Size: 336KB
- Sample: 211021-b3teasafcj
- MD5: 5db305ee5e9aed7cff26257ea7597f20
- SHA1: eaacd39d43879f84d2ef5783b16c20ad819544e8
- SHA256: 76a8570515a8173c42df20d6de47f5b805f4d25eeb3dd0224ed96263021a8b09
- SHA512: d692faac88ac19afe5fc318d4d77ee1e5ccefd1badf17a3918953b94aae2bee8a2ba02bb628d79bc4f2bb59e329dfa3cdadf8a30366fd33cd714c8a812f1e030

Static task
- static1

Malware Config
- Extracted: redline
- UTS: 45.9.20.182:52236
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.