General
Target: a252280730756ca7bfe0a6505d92c791d0eba91dba64da6199b0f3f15a96c62c
Size: 403KB
Sample: 211022-yxz18acah7
MD5: 7ab263e7bf1193ee107166b30fc92313
SHA1: 5d85fd9893d45024cc6c1e81a8c6f99087a9638b
SHA256: a252280730756ca7bfe0a6505d92c791d0eba91dba64da6199b0f3f15a96c62c
SHA512: f7e6be09047d7416ba81497a100fdfeb0c4d4d913f4becd09cfa2347fc6b5ae09230cb7eef67d75182b0785df55d63c6d3e6359dab7c01c6d986754f2d96b9c7
Static task: static1

Malware Config
Extracted family: redline
Botnet: BTC-2021
C2: 2.56.214.190:59628
Targets
Target: a252280730756ca7bfe0a6505d92c791d0eba91dba64da6199b0f3f15a96c62c
Size: 403KB
MD5: 7ab263e7bf1193ee107166b30fc92313
SHA1: 5d85fd9893d45024cc6c1e81a8c6f99087a9638b
SHA256: a252280730756ca7bfe0a6505d92c791d0eba91dba64da6199b0f3f15a96c62c
SHA512: f7e6be09047d7416ba81497a100fdfeb0c4d4d913f4becd09cfa2347fc6b5ae09230cb7eef67d75182b0785df55d63c6d3e6359dab7c01c6d986754f2d96b9c7

- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.