General
-
Target
bb9ec95680640ba5e8929c46603c930de0f5e4f96d0a45ac888653d2b14b16b0
-
Size
457KB
-
Sample
211022-jdlbdsbcc4
-
MD5
be0c93f02173a0281db9dbe84a651fc7
-
SHA1
616f615d6f4ace6894065903bdfb84a97db0be34
-
SHA256
bb9ec95680640ba5e8929c46603c930de0f5e4f96d0a45ac888653d2b14b16b0
-
SHA512
7b849bf7d4539366598162328b2ee0e17c943423717a931e26b0c0a83b17e467f48f01555e2dc9eecdb360de880d226e3455d37f17a0f7b7b92afe2566e13a04
Static task
static1
Malware Config
Targets
-
-
Target
bb9ec95680640ba5e8929c46603c930de0f5e4f96d0a45ac888653d2b14b16b0
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
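The "Checks installed software" signature above fires when the sample walks the per-product subkeys under the Uninstall registry key. The following Python is an added detection example written for this page, not the sandbox's own signature code: it parses a constructed, sandbox-style API trace (pid, API name, registry path) and flags any process that touches several distinct Uninstall subkeys, collapsing the HKLM/HKCU and WOW6432Node variants so one product is counted once. The trace lines, pids, product names and the threshold of three are all assumptions made for the example.

```python
"""Flag processes that enumerate installed software via the Uninstall
registry key.  Added example for this report; not Triage's signature code.
The API trace below is constructed for illustration."""
import re
from collections import defaultdict

# Constructed trace in the form "<pid> <api> <registry path>" (not from the report).
SAMPLE_TRACE = """\
4120 RegOpenKeyExW HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall
4120 RegEnumKeyExW HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip
4120 RegQueryValueExW HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip\\DisplayName
4120 RegEnumKeyExW HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Google Chrome
4120 RegQueryValueExW HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Google Chrome\\DisplayName
4120 RegEnumKeyExW HKEY_LOCAL_MACHINE\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{00000000-1111-2222-3333-444444444444}
4120 RegQueryValueExW HKEY_LOCAL_MACHINE\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{00000000-1111-2222-3333-444444444444}\\DisplayName
4120 RegEnumKeyExW HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Discord
4120 RegQueryValueExW HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Discord\\DisplayName
5032 RegOpenKeyExW HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run
5032 RegQueryValueExW HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip\\DisplayName
"""

# Matches the Uninstall key in either hive, with or without the WOW6432Node
# redirection, and captures the first path component below it (the product).
UNINSTALL_RE = re.compile(
    r"^(?P<hive>HKEY_LOCAL_MACHINE|HKEY_CURRENT_USER|HKLM|HKCU)\\"
    r"SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall"
    r"(?:\\(?P<subkey>[^\\]+))?",
    re.IGNORECASE,
)

HIVE_ALIASES = {"HKLM": "HKEY_LOCAL_MACHINE", "HKCU": "HKEY_CURRENT_USER"}


def parse_trace(trace):
    """Yield (pid, api, path) from the constructed trace format; the path may
    contain spaces, so only the first two fields are split off."""
    for line in trace.splitlines():
        line = line.strip()
        if not line:
            continue
        pid, api, path = line.split(" ", 2)
        yield int(pid), api, path


def uninstall_subkeys_by_pid(trace):
    """Map pid -> set of distinct (hive, product subkey) entries it touched.
    Opening the Uninstall key itself (no subkey) is not counted."""
    seen = defaultdict(set)
    for pid, _api, path in parse_trace(trace):
        m = UNINSTALL_RE.match(path)
        if m and m.group("subkey"):
            hive = HIVE_ALIASES.get(m.group("hive").upper(), m.group("hive").upper())
            # Registry names are case-insensitive; normalise so one product
            # read via several APIs/value names is counted once.
            seen[pid].add((hive, m.group("subkey").lower()))
    return seen


def flag_software_enumeration(trace, threshold=3):
    """Return sorted pids that touched at least `threshold` distinct Uninstall
    subkeys.  One lookup (e.g. an installer checking its own entry) is
    normal; walking many entries is the enumeration this signature describes."""
    return sorted(
        pid for pid, keys in uninstall_subkeys_by_pid(trace).items()
        if len(keys) >= threshold
    )


if __name__ == "__main__":
    for pid in flag_software_enumeration(SAMPLE_TRACE):
        products = sorted(k for _h, k in uninstall_subkeys_by_pid(SAMPLE_TRACE)[pid])
        print(f"pid {pid} enumerated installed software: {products}")
```

The threshold is the important tuning knob: the sandbox signature fires on the walk of many product subkeys, not on a single read, so a rule that alerts on any access to the Uninstall key would flood on installers and inventory agents.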