General
Target: d09206af70338dcd9a16ecdbae1705f8364ad9b40d4e28d8b8ef32ad302a7353
Size: 874KB
Sample: 211027-gj6s6sagc5
MD5: 4330492598c516c9cf0fd23c3ea4fd14
SHA1: c144152ef9b1ac38728380c6492ddb393c1b7304
SHA256: d09206af70338dcd9a16ecdbae1705f8364ad9b40d4e28d8b8ef32ad302a7353
SHA512: 2bdf8dc93bba1f8cba089dae32100a5e140e6b6bec2cca67fd28cc33222ca62afaacca1f3d2c50b0a8626e0d204fba031d40553657bc92b8a830af48fb69f177
Static task: static1
Behavioral task: behavioral1
Sample: d09206af70338dcd9a16ecdbae1705f8364ad9b40d4e28d8b8ef32ad302a7353.exe
Resource: win10-en-20211014
Malware Config
Extracted: redline
dksajdlkj32lkj13211211
84.38.189.175:18214
Targets
Target: d09206af70338dcd9a16ecdbae1705f8364ad9b40d4e28d8b8ef32ad302a7353
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.