General
- Target: ce8818f746137a40d8e2cfd1cdbd8fb2dc4976d663241230188aff6bcfb16d90
- Size: 415KB
- Sample: 211022-nt5gescdfj
- MD5: c1c03cbddff776182b7308e0771a2ef2
- SHA1: 9e686940aa127194781b4096393fbe04ff8cca8d
- SHA256: ce8818f746137a40d8e2cfd1cdbd8fb2dc4976d663241230188aff6bcfb16d90
- SHA512: f1ecae60c4d8201c26437527d7f49114479e17f2ddb1f891b75c160de9bcb604d522fb03c9fedcdce3dee54d47269bf957ab9faff3842c59326f5639e0a27845
Static task: static1

Malware Config
Extracted:
- redline
- BTC-2021
- 2.56.214.190:59628
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.