General
- Target: be422bac500aba72b15e7b52b38fd0b94c4c47c6976cdc6e8270fd90179b7747
- Size: 337KB
- Sample: 211021-gde39sagbl
- MD5: ef37e2bf25444412660ca1a119ae61e4
- SHA1: bb654dffd0d78e40a59af89c01be7d4c0571f864
- SHA256: be422bac500aba72b15e7b52b38fd0b94c4c47c6976cdc6e8270fd90179b7747
- SHA512: 6c35e9889cc2a1d57fb196fcd791ed573188118913d60fcfdaf04a2cccb69800f7dac2e57538a9ede3108c7c583ad1d931f299cca907f767c0a7d884cb5fa873
Static task: static1
Malware Config
- Extracted: redline
- UTS: 45.9.20.182:52236
Targets
- Target: be422bac500aba72b15e7b52b38fd0b94c4c47c6976cdc6e8270fd90179b7747
- Size: 337KB
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.