General
Target: SecuriteInfo.com.Trojan.GenericKD.47252791.7056.9378
Size: 331KB
Sample: 211026-pz7z6shhhj
MD5: f1ed36675a693ff819bf7bf545b45da4
SHA1: 349c43fd4aafb300f651aaebb0538983f8c82721
SHA256: 7bb68f7b44def879deba98dc1011bd9b933323133938629a28ba830b76be4899
SHA512: 6c142333c57e8cbec4d00a84cc73ceba829b543541d07e324cc7c25bc785638949ba5be52ee6cdcb414ed8f1f12fd547dfb32bd8dffe20f10b6ee2a3c2022cf5
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Trojan.GenericKD.47252791.7056.9378.exe
Resource: win7-en-20210920

Malware Config
Extracted
Family: redline
build999
109.107.191.123:52781
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.