General
-
Target
cc438f53329f64a14d3b19eb8dd682ed25999824d31a9e306f914b08d7fa6e5f
-
Size
337KB
-
Sample
211021-h6y8aaaggq
-
MD5
af9c0c00d26f6f4e229755f9e35d6d1a
-
SHA1
0b230c9384f5d3f9473829030c1f132b0ee7665d
-
SHA256
cc438f53329f64a14d3b19eb8dd682ed25999824d31a9e306f914b08d7fa6e5f
-
SHA512
eea4acd4d9417cfbcff6ef283eaa262d0e69ebe73e7726ea8f63218fc3acecfa20299cf280df4c4cef28ffaffc410cb724163fdcacd96b8568ceb921d871ffdb
Static task
static1
Malware Config
Extracted
Family: redline
Botnet: PUB
C2: 45.9.20.182:52236
Targets
-
Target
cc438f53329f64a14d3b19eb8dd682ed25999824d31a9e306f914b08d7fa6e5f
-
Size
337KB
-
MD5
af9c0c00d26f6f4e229755f9e35d6d1a
-
SHA1
0b230c9384f5d3f9473829030c1f132b0ee7665d
-
SHA256
cc438f53329f64a14d3b19eb8dd682ed25999824d31a9e306f914b08d7fa6e5f
-
SHA512
eea4acd4d9417cfbcff6ef283eaa262d0e69ebe73e7726ea8f63218fc3acecfa20299cf280df4c4cef28ffaffc410cb724163fdcacd96b8568ceb921d871ffdb
-
RedLine
RedLine Stealer is an information-stealing malware family written in C# that first appeared in early 2020. It collects saved browser credentials, cookies and autofill data, cryptocurrency wallet files and system details, and uploads them to the command-and-control server embedded in its configuration (45.9.20.182:52236 for this sample).
-
RedLine Payload
-
Accesses cryptocurrency wallet files and directories; possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate the software installed on the system. This is the same data the Programs and Features applet reads, so the behaviour is only suspicious in combination with the process that performs it.
-
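The report above yields three kinds of indicator: the sample's hashes, the C2 endpoint from the extracted configuration, and the registry enumeration behaviour. The following is an added example (not code from the report or from the sandbox) that matches those indicators against Sysmon-style events. The event lines are constructed for illustration, the `BENIGN_ENUMERATORS` allowlist is an assumption to be tuned per environment, and the registry paths are the standard Uninstall key locations rather than anything the report states explicitly.

```python
import json
from typing import Dict, List

# Indicators taken from the report above.
SAMPLE_SHA256 = "cc438f53329f64a14d3b19eb8dd682ed25999824d31a9e306f914b08d7fa6e5f"
C2_IP, C2_PORT = "45.9.20.182", 52236

# Registry paths behind the "Checks installed software" signature; the
# WOW6432Node path is the 32-bit view of the same data.
UNINSTALL_KEYS = (
    r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
)

# Assumption: processes that read Uninstall keys as part of normal operation.
# Tune this to the environment before relying on it for alerting.
BENIGN_ENUMERATORS = ("msiexec.exe", "explorer.exe", "svchost.exe")

# Constructed Sysmon-style events (one JSON object per line), not telemetry
# from the report. EventID 1 = process create (with hashes), 3 = network
# connection, 12/13 = registry object access.
SAMPLE_EVENTS = r"""
{"EventID": 1, "Image": "C:\\Users\\u\\AppData\\Local\\Temp\\setup.exe", "Hashes": "MD5=AF9C0C00D26F6F4E229755F9E35D6D1A,SHA256=CC438F53329F64A14D3B19EB8DD682ED25999824D31A9E306F914B08D7FA6E5F"}
{"EventID": 3, "Image": "C:\\Users\\u\\AppData\\Local\\Temp\\setup.exe", "DestinationIp": "45.9.20.182", "DestinationPort": 52236}
{"EventID": 3, "Image": "C:\\Program Files\\Mozilla Firefox\\firefox.exe", "DestinationIp": "203.0.113.10", "DestinationPort": 443}
{"EventID": 12, "Image": "C:\\Users\\u\\AppData\\Local\\Temp\\setup.exe", "TargetObject": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Google Chrome"}
{"EventID": 12, "Image": "C:\\Windows\\System32\\msiexec.exe", "TargetObject": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip"}
"""


def parse_hashes(field: str) -> Dict[str, str]:
    """Turn Sysmon's 'MD5=..,SHA256=..' field into a dict of lowercase digests."""
    out: Dict[str, str] = {}
    for item in field.split(","):
        if "=" in item:
            algo, digest = item.split("=", 1)
            out[algo.strip().upper()] = digest.strip().lower()
    return out


def match_event(ev: dict) -> List[str]:
    """Return the names of the indicators this single event matches."""
    hits: List[str] = []
    eid = ev.get("EventID")
    image = ev.get("Image", "")
    exe = image.rsplit("\\", 1)[-1].lower()
    if eid == 1 and parse_hashes(ev.get("Hashes", "")).get("SHA256") == SAMPLE_SHA256:
        hits.append("known RedLine sample (SHA256)")
    elif eid == 3 and ev.get("DestinationIp") == C2_IP and int(ev.get("DestinationPort", 0)) == C2_PORT:
        hits.append("connection to RedLine C2 45.9.20.182:52236")
    elif eid in (12, 13):
        target = ev.get("TargetObject", "").upper()
        touches_uninstall = any(target.startswith(k.upper()) for k in UNINSTALL_KEYS)
        # Reading Uninstall keys is normal for installers and the shell, so
        # only flag it when an unexpected process does it.
        if touches_uninstall and exe not in BENIGN_ENUMERATORS:
            hits.append("installed-software enumeration via Uninstall keys")
    return hits


def scan(events_text: str) -> Dict[str, List[str]]:
    """Scan newline-delimited JSON events; map each process image to its hits."""
    findings: Dict[str, List[str]] = {}
    for line in events_text.splitlines():
        line = line.strip()
        if not line:
            continue
        ev = json.loads(line)
        for hit in match_event(ev):
            findings.setdefault(ev.get("Image", "?"), []).append(hit)
    return findings


if __name__ == "__main__":
    for image, hits in scan(SAMPLE_EVENTS).items():
        print(image)
        for h in hits:
            print("  -", h)
```

On the constructed events the only process that accumulates findings is the Temp-dropped setup.exe, which hits all three indicators; the Firefox connection and the msiexec registry read are left alone. In practice the hash and C2 matches are the high-confidence signals, and the registry enumeration is best used to enrich an alert on the same process rather than to raise one on its own.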