General
-
Target
56a30bab2f5259cce27e5abd859e51add621764a58d1e1c14584129ab03d710a
-
Size
415KB
-
Sample
211022-lkj31sccfl
-
MD5
9d15ff4a226c89cf2cf6acfa0918e718
-
SHA1
eb6a0bfc09a41b72f5e31321f276cfa9ae1f09f6
-
SHA256
56a30bab2f5259cce27e5abd859e51add621764a58d1e1c14584129ab03d710a
-
SHA512
ee7ed3b4fdce8e5ad1c1ea8f525657dac75ee970d7ca36982bfdcf42a0be4b9e1437d1fb6a0efe94368c1d03ebc0c871a83634b2503a54dbb082f9f07fd7b368
Static task
static1
Malware Config
Extracted
redline
BTC-2021
2.56.214.190:59628
Targets
-
-
Target
56a30bab2f5259cce27e5abd859e51add621764a58d1e1c14584129ab03d710a
-
Size
415KB
-
MD5
9d15ff4a226c89cf2cf6acfa0918e718
-
SHA1
eb6a0bfc09a41b72f5e31321f276cfa9ae1f09f6
-
SHA256
56a30bab2f5259cce27e5abd859e51add621764a58d1e1c14584129ab03d710a
-
SHA512
ee7ed3b4fdce8e5ad1c1ea8f525657dac75ee970d7ca36982bfdcf42a0be4b9e1437d1fb6a0efe94368c1d03ebc0c871a83634b2503a54dbb082f9f07fd7b368
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-