General
  Target: de6a5ff313889779bf9563075f91444794fa1ada977fa67606a52cd715a6fc15
  Size: 405KB
  Sample: 211023-m8fk6sccf5
  MD5: 0f76fe2289c38d7562227b6cfdc80fa7
  SHA1: 4c57df6061faafaf1c68ddc1729c3f4d7b340d78
  SHA256: de6a5ff313889779bf9563075f91444794fa1ada977fa67606a52cd715a6fc15
  SHA512: 834ac17ec1894a80d8299961d01de8f33485b0363adb4819615ff1175e83190e82786c6671b37360d1b9834d465b798c7e4e072db1900f7efb9600b9031d2e3a

Static task: static1

Malware Config (extracted)
  Family: redline
  Botnet: BTC-2021
  C2: 2.56.214.190:59628
Targets
  Target: de6a5ff313889779bf9563075f91444794fa1ada977fa67606a52cd715a6fc15 (the same 405KB file as under General; MD5, SHA1, SHA256 and SHA512 as listed there)
  RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  RedLine Payload
  Accesses cryptocurrency files/wallets, possible credential harvesting
  Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.