General
Target: 609c932add32b9bb41a62c72785ac4fcef3866eb931c4c60130ceada0213cdb8
Size: 405KB
Sample: 211023-kvyhqadbgk
MD5: 14c6f9030d5efd442c41f05f8e986eb0
SHA1: c4f934cb9f474029df215de029ae7653525c7ecc
SHA256: 609c932add32b9bb41a62c72785ac4fcef3866eb931c4c60130ceada0213cdb8
SHA512: ba0c49552686e012a1cc153bf03173eecb448b2fea55fa7e3cc484bba99032dc4f20bf366043c973829a153c9fcad4266b26538b8da2f3eea2aa145b3260a840

Static task: static1

Malware Config
Extracted
Family: redline
BTC-2021
2.56.214.190:59628

Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.