General
Target: 420f7e4cb2bf97fb50c98488153abf12789e8552b05673e8a2249977a863c23a
Size: 337KB
Sample: 211021-g3xdvahhg2
MD5: 63e7450f11cc22febc8a9d2ce2a6cfd4
SHA1: a5e60fbc17cb4cc20e401baeda4d20dfef629ba2
SHA256: 420f7e4cb2bf97fb50c98488153abf12789e8552b05673e8a2249977a863c23a
SHA512: d97ef9fa2c54b610f8148455f18a078dbad71f631f4bc98f413047d505c7a529327af7da6d210aecb9405114f3db9c57dd82e0ff76ecff1df632c086ae2b5a3a
Static task: static1

Malware Config
Extracted: redline
UDP: 45.9.20.182:52236
Targets
Target: 420f7e4cb2bf97fb50c98488153abf12789e8552b05673e8a2249977a863c23a
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.