General
Target: 70dbc71c2d626ff70c4e85592aafd606b15e7b44c886961276186e03f354c531
Size: 414KB
Sample: 211022-wdjtsabhe5
MD5: 33c54c09602bf7a07dfa71c8ebc1678f
SHA1: 0b344cbe21a0f49acd1f117c8b85d179e2db29b0
SHA256: 70dbc71c2d626ff70c4e85592aafd606b15e7b44c886961276186e03f354c531
SHA512: 373a381262db75bc954e1aa16b0cabdfeb4ea4158ccb4609d70abcb2e990757770ceaa3ec1e99919bba79401ac9ba52717d5d55197ac858dd94a1cc94f3dd208
Static task: static1
Malware Config
Extracted: redline
BTC-2021
2.56.214.190:59628
Targets
Target: 70dbc71c2d626ff70c4e85592aafd606b15e7b44c886961276186e03f354c531
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.