General
Target: ad359a3215e00878d4b788c29332d82480450165fa395498fa9a661a45ddb17c
Size: 329KB
Sample: 211110-pwc1maebdp
MD5: c8ba87fa6d28afdaa80b6eac00af43cb
SHA1: ad0d4edd3be9f8f24c221bce4d5e3538492f93ca
SHA256: ad359a3215e00878d4b788c29332d82480450165fa395498fa9a661a45ddb17c
SHA512: 3977552e33be267e442b8627aa792a3e3f1437a1d4a72967d2a5999b7e591f5ca551b7a21d5ec2c90fc8b49332c2b8f088629d40fe41a2e8bc12be0b6f9e101e

Static task: static1
Behavioral task: behavioral1
Sample: ad359a3215e00878d4b788c29332d82480450165fa395498fa9a661a45ddb17c.exe
Resource: win10-en-20211014

Malware Config
Extracted:
- redline
- 1132044836
- 185.183.32.184:80

Targets
Target: ad359a3215e00878d4b788c29332d82480450165fa395498fa9a661a45ddb17c
Size: 329KB
MD5: c8ba87fa6d28afdaa80b6eac00af43cb
SHA1: ad0d4edd3be9f8f24c221bce4d5e3538492f93ca
SHA256: ad359a3215e00878d4b788c29332d82480450165fa395498fa9a661a45ddb17c
SHA512: 3977552e33be267e442b8627aa792a3e3f1437a1d4a72967d2a5999b7e591f5ca551b7a21d5ec2c90fc8b49332c2b8f088629d40fe41a2e8bc12be0b6f9e101e

- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.