General
Target: 1e1daae3257119a71a5f017ca4986a933a961b226955b651fc91502ac391a5fc
Size: 361KB
Sample: 211108-z2fc2sabgk
MD5: 60c1c744ea8ef33fecca02fc1ed86d87
SHA1: 8c63cb28883d6816e13a4a1da3915233687fb33f
SHA256: 1e1daae3257119a71a5f017ca4986a933a961b226955b651fc91502ac391a5fc
SHA512: 082e8176ab8648e3427f2fcbc6c472ea47091e14c9062214cc4f3a6b33336e18a8c2c5d48cda0be855b1f9e4d9c06ea90584ee5b8b6381b5cb01f474642b2ea0
Static task: static1

Malware Config
Extracted: redline
Botnet: 09.11
C2: 185.215.113.17:7700
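The hashes and the extracted C2 endpoint above are the actionable indicators in this report. The following script is an added example (it is not part of the sandbox report) that turns them into a local check: it hashes files with all four algorithms in a single pass and compares them against the report's values, and it scans Zeek conn.log-style records for connections to the C2 host, flagging whether the port also matches (the same host may serve other ports). The log lines in the block are constructed for illustration and are not taken from the report.

```python
"""Match the indicators listed in this RedLine report against local artefacts.

Added example, not part of the original report. Hash values and the C2
endpoint are copied from the report; the conn.log lines are constructed.
"""
import hashlib

# Indicators from the report (lower-case hex).
IOC_HASHES = {
    "md5": "60c1c744ea8ef33fecca02fc1ed86d87",
    "sha1": "8c63cb28883d6816e13a4a1da3915233687fb33f",
    "sha256": "1e1daae3257119a71a5f017ca4986a933a961b226955b651fc91502ac391a5fc",
    "sha512": "082e8176ab8648e3427f2fcbc6c472ea47091e14c9062214cc4f3a6b33336e18"
              "a8c2c5d48cda0be855b1f9e4d9c06ea90584ee5b8b6381b5cb01f474642b2ea0",
}
IOC_C2_HOST = "185.215.113.17"
IOC_C2_PORT = 7700


def hash_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256/sha512 hex digests of an in-memory blob."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in IOC_HASHES}


def file_hashes(path) -> dict:
    """Hash a file once, feeding every digest from the same 1 MiB chunks."""
    digests = {alg: hashlib.new(alg) for alg in IOC_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for d in digests.values():
                d.update(chunk)
    return {alg: d.hexdigest() for alg, d in digests.items()}


def matching_algorithms(hashes: dict) -> set:
    """Return the set of algorithms whose digest equals the report's IOC."""
    return {alg for alg, value in hashes.items()
            if value.lower() == IOC_HASHES.get(alg)}


# Constructed Zeek conn.log excerpt (whitespace-separated, '#' header lines).
# Columns: ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service ...
CONN_LOG = """\
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state
1636300000.123456 CAbc1x 10.0.0.5 49321 185.215.113.17 7700 tcp - 2.31 1540 9820 SF
1636300001.000000 CAbc2y 10.0.0.5 49322 93.184.216.34 443 tcp ssl 1.00 500 700 SF
1636300002.000000 CAbc3z 10.0.0.9 51000 185.215.113.17 80 tcp http 0.50 200 300 SF
"""


def find_c2_connections(log_text: str) -> list:
    """Return every connection to the C2 host, noting whether the port matches."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 7:
            continue  # malformed record; skip rather than crash a sweep
        ts, uid, orig_h, orig_p, resp_h, resp_p, proto = fields[:7]
        if resp_h != IOC_C2_HOST:
            continue
        hits.append({
            "ts": ts,
            "uid": uid,
            "src": f"{orig_h}:{orig_p}",
            "dst_port": int(resp_p),
            "proto": proto,
            "port_match": int(resp_p) == IOC_C2_PORT,
        })
    return hits


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        hit = matching_algorithms(file_hashes(path))
        print(f"{path}: {'MATCH ' + ','.join(sorted(hit)) if hit else 'clean'}")
    for hit in find_c2_connections(CONN_LOG):
        flag = "C2 port" if hit["port_match"] else "C2 host, other port"
        print(f"{hit['ts']} {hit['src']} -> {IOC_C2_HOST}:{hit['dst_port']} ({flag})")
```

Run it with one or more file paths to hash them against the report's values; the conn.log scan runs on the embedded constructed records. A connection to the C2 host on a port other than 7700 is still reported, since the extracted port reflects this one sample's configuration, not everything the host may serve.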
Targets
One target: the submitted sample described under General (same size and the same MD5, SHA1, SHA256 and SHA512 values).
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020.

Signatures
- RedLine payload detected.
- Accesses cryptocurrency files/wallets; possible credential harvesting.
- Checks installed software on the system: looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node and HKCU counterparts) to enumerate installed software.