General

Target: 38f32d0695d9ab8241e77200496f01eb7ee7d8a47d7406c7d80d2ccd067cf546
Size: 393KB
Sample: 211109-x3d59sfgf3
MD5: 0fb2db60678f5b79e19243b16f275614
SHA1: 526792aade4e25b9d1b6b53e10c39dc2286f55c3
SHA256: 38f32d0695d9ab8241e77200496f01eb7ee7d8a47d7406c7d80d2ccd067cf546
SHA512: dfdf47960da4a5d64c39c5f0565373c177861e1dfce3026053aa783bde5c1cfa456ead77af3d6e70b6f29a6354927483ee6e2d51906f0bb526d7bf526206b879
Static task: static1
Behavioral task: behavioral1
Sample: 38f32d0695d9ab8241e77200496f01eb7ee7d8a47d7406c7d80d2ccd067cf546.exe
Resource: win10-en-20211104
Malware Config

Extracted family: redline
1132044836
185.183.32.184:80
Targets

Target: 38f32d0695d9ab8241e77200496f01eb7ee7d8a47d7406c7d80d2ccd067cf546
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.