General
-
Target
ebc4acabf30b159e1a855e529b5c045fa7af9356e7043.exe
-
Size
344KB
-
Sample
211122-z165dacab4
-
MD5
b25fdabef081394cfc659b7f9574e323
-
SHA1
84c00d9786f82767814033f70401cb193e0024c0
-
SHA256
ebc4acabf30b159e1a855e529b5c045fa7af9356e70433fa3ce8ce9599b151e6
-
SHA512
42dae5ed2501280d02102d9969a60f7415a688af4db9b93949e1e6c4e3928916e374a9e47416aad32e6eb6f30b0e7966bc699bd13fbbd14b3c7059f8540f45a8
Static task
static1
Behavioral task
behavioral1
Sample
ebc4acabf30b159e1a855e529b5c045fa7af9356e7043.exe
Resource
win7-en-20211014
Malware Config
Extracted
redline
@123
141.95.82.50:63652
Targets
-
-
Target
ebc4acabf30b159e1a855e529b5c045fa7af9356e7043.exe
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-