General

Target: a3d4fdad22731ac1f81f735266f909a5d71c7dc6f1f1990e06e38c3622bcdb07 (the sample is identified by its SHA256)
Size: 285KB
Sample: 211124-15wd4sdgck
MD5: 46d00b735fd1542ed157e20e5c03f41e
SHA1: d1a8652c6f48cb782effa4bf9d84fef0aa7f1214
SHA256: a3d4fdad22731ac1f81f735266f909a5d71c7dc6f1f1990e06e38c3622bcdb07
SHA512: be74b409dd783ffb6d1f5671f013b31b16d26abbc4ce778f8be12109c3f41cb01c4792a08b7a3b8598e9280b7e613f2f6e870060964af41e8a820769abc8bc1b

Static task: static1

Malware Config

Extracted: redline
Pubdate: 193.56.146.64:65441 (the extracted value is an IP:port network endpoint, i.e. the C2 address the RedLine build is configured to report to; block and hunt on it as a network IOC)
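The hashes and the C2 endpoint above are the report's actionable IOCs. The following is an added example, not part of the sandbox report: it computes all four digests of a file the way the report lists them, matches them against the IOC set copied from the General section, sanity-checks that each IOC is well-formed hex of the right length (a truncated paste silently never matches), and validates the extracted C2 string before anyone turns it into a firewall rule. Only the Python standard library is used; file paths are supplied by the caller.

```python
"""Added example (not from the sandbox report): check a file against the
report's hash IOCs and validate the extracted RedLine C2 endpoint.

Assumes only hashlib/ipaddress from the standard library; the IOC values
are copied from the report's General and Malware Config sections.
"""
import hashlib
import ipaddress
from typing import Dict, Set, Tuple

# Hash IOCs copied verbatim from the report.
REPORT_IOCS: Dict[str, str] = {
    "md5": "46d00b735fd1542ed157e20e5c03f41e",
    "sha1": "d1a8652c6f48cb782effa4bf9d84fef0aa7f1214",
    "sha256": "a3d4fdad22731ac1f81f735266f909a5d71c7dc6f1f1990e06e38c3622bcdb07",
    "sha512": "be74b409dd783ffb6d1f5671f013b31b16d26abbc4ce778f8be12109c3f41cb0"
              "1c4792a08b7a3b8598e9280b7e613f2f6e870060964af41e8a820769abc8bc1b",
}
REPORT_C2 = "193.56.146.64:65441"

# Hex-digest lengths per algorithm; catches truncated or mis-pasted IOCs.
DIGEST_HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def ioc_set_is_well_formed(iocs: Dict[str, str]) -> bool:
    """True if every IOC is lowercase hex of the right length for its algorithm."""
    for algo, digest in iocs.items():
        if algo not in DIGEST_HEX_LEN or len(digest) != DIGEST_HEX_LEN[algo]:
            return False
        if digest != digest.lower():
            return False
        try:
            int(digest, 16)
        except ValueError:
            return False
    return True


def hash_bytes(data: bytes) -> Dict[str, str]:
    """All four digests of an in-memory blob, keyed like REPORT_IOCS."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in DIGEST_HEX_LEN}


def hash_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Same digests as hash_bytes, streamed so large files need not fit in memory."""
    hashers = {algo: hashlib.new(algo) for algo in DIGEST_HEX_LEN}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


def match_iocs(hashes: Dict[str, str], iocs: Dict[str, str]) -> Set[str]:
    """Algorithms on which the computed digests equal the IOCs (case-insensitive)."""
    return {algo for algo, digest in iocs.items()
            if algo in hashes and hashes[algo].lower() == digest.lower()}


def parse_c2(endpoint: str) -> Tuple[str, int]:
    """Split 'ip:port' (or '[v6]:port'), validating address and port range.

    Raises ValueError on malformed input so a garbled config line is never
    silently turned into a block rule.
    """
    host, sep, port_str = endpoint.rpartition(":")
    if not sep:
        raise ValueError(f"no port in {endpoint!r}")
    ip = ipaddress.ip_address(host.strip("[]"))
    port = int(port_str)
    if not 0 < port <= 65535:
        raise ValueError(f"port out of range: {port}")
    return str(ip), port


def c2_is_routable(endpoint: str) -> bool:
    """True if the C2 is a globally routable address, i.e. worth blocking at the perimeter."""
    ip, _ = parse_c2(endpoint)
    return ipaddress.ip_address(ip).is_global


if __name__ == "__main__":
    import sys
    assert ioc_set_is_well_formed(REPORT_IOCS)
    print("C2:", parse_c2(REPORT_C2), "routable:", c2_is_routable(REPORT_C2))
    for path in sys.argv[1:]:
        hits = match_iocs(hash_file(path), REPORT_IOCS)
        print(path, "MATCH on " + ", ".join(sorted(hits)) if hits else "no match")
```

Run it with one or more file paths as arguments. A hit on any single algorithm is sufficient for a match; the well-formedness check matters because a SHA512 missing a character would otherwise fail quietly on every file.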
Targets

The analysis covers a single target, the submitted file itself:

Target: a3d4fdad22731ac1f81f735266f909a5d71c7dc6f1f1990e06e38c3622bcdb07 (285KB; MD5, SHA1, SHA256 and SHA512 identical to those listed under General)

Signatures

RedLine
RedLine Stealer is an information-stealing malware family written in C# that first appeared in early 2020. It harvests browser credentials, cookies and autofill data, cryptocurrency wallet files and system information, and reports them to a configured C2, which is the endpoint extracted under Malware Config above.

RedLine Payload
The static scan matched the RedLine payload detection.

Accesses cryptocurrency files/wallets, possible credential harvesting
Consistent with RedLine's stealer functionality described above.

Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, plus the WOW6432Node branch for 32-bit software on 64-bit Windows and the HKCU counterpart for per-user installs) to enumerate the software installed on the system; RedLine includes this inventory in what it sends to the C2. On its own this signature is weak evidence, because legitimate inventory, update and installer tools read the same key; in this report it is corroborated by the family match and the extracted C2.
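The Uninstall-key enumeration described in the last signature is visible in a Process Monitor trace as a run of RegOpenKey/RegEnumKey/RegQueryValue operations under that key. The following is an added example, not part of the sandbox report: it parses a Procmon CSV export (default "Save as CSV" columns are assumed) and flags processes that read the Uninstall key repeatedly, listing the product subkeys they touched. The trace rows embedded in the block are constructed for the example and are not a capture of this sample; the hypothetical process name payload.exe is likewise an assumption. A threshold of reads is applied because a single RegOpenKey on that key is routine for benign software.

```python
"""Added example (not from the sandbox report): flag processes that
enumerate the Windows Uninstall registry key in a Procmon CSV export.

Assumes the default Procmon CSV columns ("Time of Day","Process Name",
"PID","Operation","Path","Result","Detail"). SAMPLE_CSV is constructed
for illustration; payload.exe is a hypothetical process name.
"""
import csv
import io
from collections import defaultdict
from typing import Dict, Iterable, List

# Where Windows lists installed software. 32-bit packages on 64-bit Windows
# appear under WOW6432Node, per-user installs under HKCU. Lowercase for matching.
UNINSTALL_KEYS = (
    r"hklm\software\microsoft\windows\currentversion\uninstall",
    r"hklm\software\wow6432node\microsoft\windows\currentversion\uninstall",
    r"hkcu\software\microsoft\windows\currentversion\uninstall",
)
# Procmon registry operations that read (enumerate/query) rather than write.
READ_OPS = {"RegOpenKey", "RegEnumKey", "RegQueryKey", "RegQueryValue", "RegEnumValue"}

# Constructed sample export (not a real trace of this sample).
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"12:00:01.0000001 PM","payload.exe","4242","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Desired Access: Read"
"12:00:01.0000002 PM","payload.exe","4242","RegEnumKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Index: 0, Name: 7-Zip"
"12:00:01.0000003 PM","payload.exe","4242","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName","SUCCESS","Type: REG_SZ, Length: 12, Data: 7-Zip"
"12:00:01.0000004 PM","payload.exe","4242","RegEnumKey","HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Index: 0, Name: Notepad++"
"12:00:02.0000001 PM","explorer.exe","1234","RegQueryValue","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1"
"12:00:03.0000001 PM","msiexec.exe","2222","RegSetValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{GUID}\DisplayName","SUCCESS","Type: REG_SZ, Length: 20, Data: Example"
'''


def _subkey(path: str, operation: str, detail: str) -> str:
    """Product subkey a row refers to: taken from the path below the Uninstall
    key, or from 'Name: ...' in the Detail column for RegEnumKey on the key itself."""
    low = path.lower()
    for prefix in UNINSTALL_KEYS:
        if low.startswith(prefix):
            rest = path[len(prefix):].lstrip("\\")
            if rest:
                return rest.split("\\", 1)[0]
    if operation == "RegEnumKey" and "Name: " in detail:
        return detail.split("Name: ", 1)[1].strip()
    return ""


def flag_uninstall_enumeration(rows: Iterable[Dict[str, str]],
                               min_reads: int = 2) -> Dict[str, List[str]]:
    """Map 'process:pid' -> distinct Uninstall subkeys touched, for processes that
    read under the Uninstall key at least min_reads times. Writes (RegSetValue)
    are ignored: installers legitimately write here, stealers only read."""
    counts: Dict[str, int] = defaultdict(int)
    touched: Dict[str, List[str]] = defaultdict(list)
    for row in rows:
        op = row.get("Operation", "")
        path = row.get("Path", "")
        if op not in READ_OPS or not path.lower().startswith(UNINSTALL_KEYS):
            continue
        proc = f'{row["Process Name"]}:{row["PID"]}'
        counts[proc] += 1
        sub = _subkey(path, op, row.get("Detail", ""))
        if sub and sub not in touched[proc]:
            touched[proc].append(sub)
    return {p: touched[p] for p, n in counts.items() if n >= min_reads}


def scan(csv_text: str, min_reads: int = 2) -> Dict[str, List[str]]:
    """Parse a Procmon CSV export and run the enumeration check over it."""
    return flag_uninstall_enumeration(csv.DictReader(io.StringIO(csv_text)), min_reads)


if __name__ == "__main__":
    for proc, products in scan(SAMPLE_CSV).items():
        print(f"{proc} enumerated Uninstall entries: {products}")
```

On the constructed trace only payload.exe is flagged: explorer.exe never touches the key and msiexec.exe only writes to it. Against a real export, raise min_reads if inventory agents on the host generate noise, and treat a hit as a lead to correlate with network activity toward the extracted C2 rather than as a verdict on its own.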