General
Target: d68549067554697569e1566c1e4c993a7e84dae92fb30e39ac9f4fc184e48cd1
Size: 397KB
Sample: 211109-pccwhsfbf8
MD5: 14eca5277b9f34afdf6445137f536d00
SHA1: dec70a64a1107aaa4737add0a3516c0dfe07353e
SHA256: d68549067554697569e1566c1e4c993a7e84dae92fb30e39ac9f4fc184e48cd1
SHA512: a94578a347b7fe60c36f413b806809c1771127b12db73538e735c43bfa42f45b9a965fe92ffd09bef753e4af2b211a0f6ff295aed1d40cf1f46eba8d65703c87
Static task: static1
Behavioral task: behavioral1
Sample: d68549067554697569e1566c1e4c993a7e84dae92fb30e39ac9f4fc184e48cd1.exe
Resource: win10-en-20211104
Malware Config
Extracted
redline
1132044836
185.183.32.184:80
Targets
Target: d68549067554697569e1566c1e4c993a7e84dae92fb30e39ac9f4fc184e48cd1
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.