General
Target: 8a5f042309d6e151cecce4d0bbc7b60f5c49399ce92ff8613643ab347adf86b9
Size: 337KB
Sample: 211021-j8d6kaaac9
MD5: 620188cb6aaa339c107e09875cb09fbf
SHA1: a80731b65b21450b6247569983fdd0cf224b78b3
SHA256: 8a5f042309d6e151cecce4d0bbc7b60f5c49399ce92ff8613643ab347adf86b9
SHA512: 597a091bcb8242597914ff6d260c0477e794d1cd12d2ecbac3f6ba27e5dace2f1ddcb5c0523a57b8b9093eba468b3c120b422322d6f4c81a7b5bfbb9d8117151
Static task: static1

Malware Config
Extracted: redline
UTS: 45.9.20.182:52236
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.