General
Target: f04d0f53ad5b0971f20ed5b9b79a16cf4b5d53d1c5c0afca419e32201529e54f
Size: 404KB
Sample: 211022-3gz4hacbe2
MD5: 8e50ef70f42d8d0f8b0ce551dbbbc5c4
SHA1: fd232494013818e2099e0d4b8d16ef385861a90c
SHA256: f04d0f53ad5b0971f20ed5b9b79a16cf4b5d53d1c5c0afca419e32201529e54f
SHA512: ca9b66f107a23f80253a8c4f839b9b14acb6882968ff42a7c0697d930bbe3d5248a5c4d3364a0d5ae8737e112907f225d602047d65d26aac8754a17ed96cfaf9
Static task
static1
Malware Config
Extracted
Family: redline
Botnet ID: BTC-2021
C2: 2.56.214.190:59628
Targets
Target: f04d0f53ad5b0971f20ed5b9b79a16cf4b5d53d1c5c0afca419e32201529e54f (404KB; MD5, SHA1 and SHA512 as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart and the per-user HKCU key) to enumerate software on the system.
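As an added example, not part of this sandbox report and not RedLine's own code, the following Python sweeps endpoint telemetry for the two indicators the report yields: the C2 endpoint 2.56.214.190:59628 from the extracted config, and the burst of Uninstall-key reads behind the "Checks installed software on the system" signature. The pipe-delimited log format, the event lines, the process names, PIDs and the enumeration threshold are all assumptions made for illustration; real sensors expose registry reads under their own schema, and Sysmon in particular does not log key reads at all.

```python
from collections import defaultdict
from datetime import datetime

# Indicators taken from the report above: the extracted RedLine C2 endpoint and
# the registry location behind the "Checks installed software" signature.
C2_HOST, C2_PORT = "2.56.214.190", 59628
UNINSTALL_PREFIXES = (
    "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\",
    "HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\",
    "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\",
)

# Constructed telemetry in an assumed format (timestamp|type|k=v|...), not the
# output of any real sensor. NET stands in for a network-connect event, REGQ for
# a registry-query event from an EDR that records key reads. Process names, PIDs
# and the benign 203.0.113.10 destination are made up.
SAMPLE_EVENTS = """\
2021-10-22T03:14:05|NET|pid=4120|image=C:\\Users\\user\\Desktop\\sample.exe|dst=2.56.214.190|dport=59628
2021-10-22T03:14:06|REGQ|pid=4120|image=C:\\Users\\user\\Desktop\\sample.exe|key=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip
2021-10-22T03:14:06|REGQ|pid=4120|image=C:\\Users\\user\\Desktop\\sample.exe|key=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Google Chrome
2021-10-22T03:14:06|REGQ|pid=4120|image=C:\\Users\\user\\Desktop\\sample.exe|key=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Mozilla Firefox 93.0 (x64 en-US)
2021-10-22T03:14:07|REGQ|pid=4120|image=C:\\Users\\user\\Desktop\\sample.exe|key=HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Notepad++
2021-10-22T03:14:07|REGQ|pid=4120|image=C:\\Users\\user\\Desktop\\sample.exe|key=HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}
2021-10-22T03:14:07|REGQ|pid=4120|image=C:\\Users\\user\\Desktop\\sample.exe|key=HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Discord
2021-10-22T03:20:41|REGQ|pid=988|image=C:\\Windows\\System32\\msiexec.exe|key=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}
2021-10-22T03:21:10|NET|pid=2200|image=C:\\Program Files\\Mozilla Firefox\\firefox.exe|dst=203.0.113.10|dport=443
"""


def parse_event(line):
    """Turn one 'ts|type|k=v|k=v' line into a dict with a datetime timestamp."""
    ts, kind, *fields = line.split("|")
    event = {"ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S"), "type": kind}
    for field in fields:
        key, _, value = field.partition("=")
        event[key] = value
    return event


def parse_events(text):
    return [parse_event(line) for line in text.splitlines() if line.strip()]


def find_c2_connections(events, host=C2_HOST, port=C2_PORT):
    """Return (pid, image) for every process that connected to the extracted C2."""
    return [(e["pid"], e["image"]) for e in events
            if e["type"] == "NET" and e["dst"] == host and int(e["dport"]) == port]


def is_uninstall_key(key):
    """Case-insensitive prefix match against the known Uninstall hive locations."""
    return any(key.upper().startswith(p.upper()) for p in UNINSTALL_PREFIXES)


def find_uninstall_enumeration(events, min_keys=5, window_seconds=30):
    """Flag processes that read at least `min_keys` distinct Uninstall subkeys
    within `window_seconds`. One read (an installer checking its own product
    GUID) is routine; a burst across many products is software enumeration."""
    per_proc = defaultdict(list)
    for e in events:
        if e["type"] == "REGQ" and is_uninstall_key(e["key"]):
            per_proc[(e["pid"], e["image"])].append((e["ts"], e["key"]))
    hits = []
    for (pid, image), reads in per_proc.items():
        reads.sort()
        for i, (start, _) in enumerate(reads):
            keys = {k for t, k in reads[i:] if (t - start).total_seconds() <= window_seconds}
            if len(keys) >= min_keys:
                hits.append((pid, image, len(keys)))
                break
    return hits


def triage(text):
    """Run both checks over raw log text and return the findings by indicator."""
    events = parse_events(text)
    return {
        "c2_connections": find_c2_connections(events),
        "uninstall_enumeration": find_uninstall_enumeration(events),
    }


if __name__ == "__main__":
    for name, hits in triage(SAMPLE_EVENTS).items():
        print(name, hits)
```

The registry check keys on the burst rather than the key path alone: the single read by msiexec.exe in the constructed data touches the same Uninstall key but is not flagged, whereas the sample process reads six product subkeys within two seconds and is. The threshold and window are starting points to tune against the baseline of your own endpoints.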