General
-
Target
6f621ab621df0fae847fa775544479461d6039f7adc068b2c55a898461f2bf5a
-
Size
336KB
-
Sample
211021-csjmsahgd4
-
MD5
a297fd35f0f74dff72e56d409f8e6961
-
SHA1
e02c50d11dd3f0f5c4b8160c10e3aacadb528679
-
SHA256
6f621ab621df0fae847fa775544479461d6039f7adc068b2c55a898461f2bf5a
-
SHA512
cd5f0f6f876d922b356f1c3575689559e7370ba6ab7c5db2bea9a7217ce1635664dc3fdc05f0da6d150cf0faf29159d2075a55db75f1d7cf48f6fbf6e6724534
Static task
static1
Malware Config
Extracted
Family: redline
C2: 45.9.20.182:52236 (UDP, as extracted from the sample's configuration)
Targets
-
Target
6f621ab621df0fae847fa775544479461d6039f7adc068b2c55a898461f2bf5a
Single analyzed target: the same 336KB file, with the MD5, SHA1, SHA256 and SHA512 values listed under General above.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
Touches wallet files and browser/credential stores, consistent with RedLine's stealer functionality.
-
Checks installed software on the system
Reads Uninstall key entries in the registry (typically HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate installed software, a standard reconnaissance step in RedLine's system-information collection.
-