General
Target: 02a5b0a799fe8631e17f3a80cbf0994f0c4d4d5ad13c4b909779765494e9f34b
Size: 337KB
Sample: 211021-htjl3aaaa2
MD5: abec41a6c6c77e88e69dfaac43fc0cb3
SHA1: 2cf77728c4c6292416e0a0f0731611da85989ecb
SHA256: 02a5b0a799fe8631e17f3a80cbf0994f0c4d4d5ad13c4b909779765494e9f34b
SHA512: 017ee1914f2e89d6d4e17fc83c355551c11e630e5984d41ceca2a6ce1811a1d8e246f05382080e27cb000946d48f7557430e3e0075668101643326c51704e309
Static task
static1
Malware Config
Extracted
Family: redline
Botnet: UTS
C2: 45.9.20.182:52236
Targets
Target: 02a5b0a799fe8631e17f3a80cbf0994f0c4d4d5ad13c4b909779765494e9f34b
Size: 337KB
MD5: abec41a6c6c77e88e69dfaac43fc0cb3
SHA1: 2cf77728c4c6292416e0a0f0731611da85989ecb
SHA256: 02a5b0a799fe8631e17f3a80cbf0994f0c4d4d5ad13c4b909779765494e9f34b
SHA512: 017ee1914f2e89d6d4e17fc83c355551c11e630e5984d41ceca2a6ce1811a1d8e246f05382080e27cb000946d48f7557430e3e0075668101643326c51704e309
- RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
Enumerates the subkeys of HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (and its WOW6432Node mirror) to list installed software. Installers and inventory tools walk the same key, so this behaviour is a weak indicator on its own and is only meaningful in combination with the wallet access and the C2 contact above.
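The three behaviours this report lists (Uninstall-key enumeration, wallet file access, contact with the extracted C2) are each weak alone but strong together. The following is an added example, not code from the report or from any sandbox, showing how a detection rule would combine them over process telemetry. It runs on a constructed export in a hypothetical `timestamp|pid|image|event|target` format; the wallet path list and the three-key enumeration threshold are assumptions for the example, while the C2 endpoint is the one extracted above.

```python
import re
from collections import defaultdict

# C2 endpoint from the extracted RedLine config on this page.
C2_IOC = "45.9.20.182:52236"

# Registry location walked when enumerating installed software. The regex
# deliberately ignores the hive prefix so the WOW6432Node mirror of a product
# entry counts as the same entry as its native one.
UNINSTALL_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\[^\\]+", re.IGNORECASE)

# Wallet file locations commonly targeted by stealers. Assumed list for the
# example; extend it from your own wallet inventory.
WALLET_PATH_RE = re.compile(
    r"(\\Exodus\\|\\Electrum\\|\\Ethereum\\keystore|\\atomic\\|wallet\.dat$)",
    re.IGNORECASE)

# Constructed telemetry in a hypothetical EDR export format:
#   timestamp|pid|image|event|target
# pid 4412 behaves like the sample; 5120 (an installer) and 6004 (a wallet
# application reading its own files) are benign look-alikes.
SAMPLE_EVENTS = """\
2021-10-21T10:02:11|4412|C:\\Users\\bob\\AppData\\Local\\Temp\\setup.exe|RegQuery|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip
2021-10-21T10:02:11|4412|C:\\Users\\bob\\AppData\\Local\\Temp\\setup.exe|RegQuery|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Google Chrome
2021-10-21T10:02:11|4412|C:\\Users\\bob\\AppData\\Local\\Temp\\setup.exe|RegQuery|HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}
2021-10-21T10:02:12|4412|C:\\Users\\bob\\AppData\\Local\\Temp\\setup.exe|FileRead|C:\\Users\\bob\\AppData\\Roaming\\Exodus\\exodus.wallet\\seed.seco
2021-10-21T10:02:12|4412|C:\\Users\\bob\\AppData\\Local\\Temp\\setup.exe|FileRead|C:\\Users\\bob\\AppData\\Roaming\\Electrum\\wallets\\default_wallet
2021-10-21T10:02:14|4412|C:\\Users\\bob\\AppData\\Local\\Temp\\setup.exe|NetConnect|45.9.20.182:52236
2021-10-21T10:05:40|5120|C:\\Windows\\System32\\msiexec.exe|RegQuery|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip
2021-10-21T10:05:40|5120|C:\\Windows\\System32\\msiexec.exe|RegQuery|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Notepad++
2021-10-21T10:05:41|5120|C:\\Windows\\System32\\msiexec.exe|RegQuery|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Google Chrome
2021-10-21T10:07:02|6004|C:\\Program Files\\Exodus\\Exodus.exe|FileRead|C:\\Users\\bob\\AppData\\Roaming\\Exodus\\exodus.wallet\\seed.seco
"""


def parse_events(text):
    """Split the pipe-separated export into event dicts; the target field may
    itself contain no pipe, so a fixed split of four is safe."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, pid, image, kind, target = line.split("|", 4)
        events.append({"ts": ts, "pid": int(pid), "image": image,
                       "kind": kind, "target": target})
    return events


def indicators_by_process(events, min_uninstall_keys=3):
    """Map each pid to (image, set of behaviour indicators seen for it)."""
    uninstall_keys = defaultdict(set)
    found = defaultdict(set)
    images = {}
    for e in events:
        images[e["pid"]] = e["image"]
        if e["kind"] == "RegQuery":
            m = UNINSTALL_KEY_RE.search(e["target"])
            if m:
                uninstall_keys[e["pid"]].add(m.group(0).lower())
        elif e["kind"] == "FileRead" and WALLET_PATH_RE.search(e["target"]):
            found[e["pid"]].add("wallet_access")
        elif e["kind"] == "NetConnect" and e["target"] == C2_IOC:
            found[e["pid"]].add("c2_match")
    # Only a sweep of several distinct product entries counts as enumeration;
    # a single lookup of one product is routine.
    for pid, keys in uninstall_keys.items():
        if len(keys) >= min_uninstall_keys:
            found[pid].add("software_enum")
    return {pid: (images[pid], found[pid]) for pid in images}


def triage(events, min_uninstall_keys=3):
    """Alert on a confirmed C2 contact, or on any two behaviours together.
    Each behaviour alone is common in benign software: installers walk the
    Uninstall key and wallet applications read their own wallet files."""
    verdicts = {}
    for pid, (image, inds) in indicators_by_process(events, min_uninstall_keys).items():
        alert = "c2_match" in inds or len(inds) >= 2
        verdicts[pid] = {"image": image, "indicators": sorted(inds),
                         "verdict": "suspicious" if alert else "benign"}
    return verdicts


if __name__ == "__main__":
    for pid, v in triage(parse_events(SAMPLE_EVENTS)).items():
        print(f"{pid:>5} {v['verdict']:<10} {v['image']}  {v['indicators']}")
```

On the constructed input only pid 4412 is flagged, with all three indicators; the installer (software enumeration only) and the wallet application (wallet access only) stay benign. In production, feed the same logic from Sysmon or EDR registry, file and network events and treat the C2 string as a dated IOC that will rotate.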