General
- Target: 8f8f1ed7bc641b2a7cb1f28e765999ed247cc1c855537b87f5cf00358866487a
- Size: 402KB
- Sample: 211125-2h1kzscch2
- MD5: b635809fb0a1cf794429559aba6b9fed
- SHA1: 413c5c263dd07df563928b2c760b959c7b266a82
- SHA256: 8f8f1ed7bc641b2a7cb1f28e765999ed247cc1c855537b87f5cf00358866487a
- SHA512: af3ff5d139b39e65a2d479e7401b086fedcbad96308a71ea188a31e9f12476d01f638f031b7d1448a2ed983780f3a74680a696af033fc585fc42faaa104f3f6a
Static task
- static1

Malware Config
Extracted (RedLine configuration, recovered from the static task)
- Family: redline
- Botnet ID: Updbdate
- C2: 193.56.146.64:65441 (IP:port used by the stealer for check-in and log upload; treat as a time-bound network indicator for this sample, not a permanent one)
Targets
- Single target: the submitted file 8f8f1ed7bc641b2a7cb1f28e765999ed247cc1c855537b87f5cf00358866487a (402KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
-
Signatures
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up entries under the registry Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node mirror, one subkey per installed product) to enumerate installed software. Software-inventory and update agents read the same key, so on its own this is a weak indicator; it becomes meaningful in combination with the wallet-file access and the C2 above.
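The two behaviours in the payload signatures above, turned into detection logic that runs over process telemetry. This is an added example, not code from the sandbox report or from RedLine itself: the event shape (pid / image / op / target), the allowlist path, the wallet-location list and the sample events at the bottom are all hypothetical and constructed for the demo; only the Uninstall key path comes from the report.

```python
"""Detect Uninstall-key enumeration and crypto-wallet file access, the two
RedLine Payload signatures listed in the report, over process telemetry.

Added example: not the sandbox's or the malware's code. The event format is a
hypothetical EDR feed; the sample events and allowlist are constructed.
"""
import re
from collections import defaultdict

# HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\<Product> (and the
# WOW6432Node mirror) holds one subkey per installed product; capture the name.
UNINSTALL_RE = re.compile(
    r"\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion"
    r"\\Uninstall\\([^\\]+)",
    re.IGNORECASE,
)

# Starter list of wallet locations under %APPDATA% that stealers commonly read.
# Hypothetical selection for the demo; extend with your own environment's apps.
WALLET_RE = re.compile(
    r"\\AppData\\Roaming\\(?:"
    r"Exodus\\exodus\.wallet|Electrum\\wallets|Ethereum\\keystore|"
    r"Bitcoin\\wallet\.dat|Armory|atomic\\Local Storage\\leveldb|Guarda"
    r")",
    re.IGNORECASE,
)

# Processes expected to walk the Uninstall hive (inventory agents etc.).
# Hypothetical path; a real deployment would source this from asset data.
DEFAULT_ALLOWLIST = (r"c:\program files\inventory\agent.exe",)


def detect(events, enum_threshold=5, allowlist=DEFAULT_ALLOWLIST):
    """Return findings as (pid, image, rule, evidence) tuples.

    enum_threshold: distinct Uninstall subkeys one process must read before it
    is called an enumeration (a single lookup is normal for many programs).
    """
    uninstall_keys = defaultdict(set)  # (pid, image) -> product subkeys read
    wallet_hits = defaultdict(set)     # (pid, image) -> wallet paths touched

    for ev in events:
        who = (ev["pid"], ev["image"])
        if ev["op"] == "RegQuery":
            m = UNINSTALL_RE.search(ev["target"])
            if m:
                uninstall_keys[who].add(m.group(1).lower())
        elif ev["op"] in ("FileRead", "FileOpen"):
            if WALLET_RE.search(ev["target"]):
                wallet_hits[who].add(ev["target"])

    findings = []
    for (pid, image), keys in uninstall_keys.items():
        if image.lower() in allowlist:
            continue  # known inventory tool: enumeration is expected
        if len(keys) >= enum_threshold:
            findings.append((pid, image, "enumerates_installed_software", sorted(keys)))
    for (pid, image), paths in wallet_hits.items():
        # Wallet access is never expected from ordinary processes: no allowlist.
        findings.append((pid, image, "accesses_crypto_wallet", sorted(paths)))
    return findings


def sample_events():
    """Constructed telemetry for the demo, not a real capture."""
    key = "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\"
    stealer = r"C:\Users\alice\AppData\Local\Temp\build.exe"
    agent = r"C:\Program Files\Inventory\agent.exe"
    products = ["7-Zip", "Google Chrome", "Discord", "Steam",
                "Python 3.9", "Notepad++", "VLC", "Git"]
    evs = []
    # Suspect process: walks six product subkeys, then reads an Exodus wallet.
    for prod in products[:6]:
        evs.append({"pid": 4242, "image": stealer, "op": "RegQuery", "target": key + prod})
    evs.append({"pid": 4242, "image": stealer, "op": "FileRead",
                "target": r"C:\Users\alice\AppData\Roaming\Exodus\exodus.wallet\seed.seco"})
    # Allowlisted inventory agent: walks all eight subkeys, which is its job.
    for prod in products:
        evs.append({"pid": 900, "image": agent, "op": "RegQuery", "target": key + prod})
    # Explorer reading one subkey: below threshold, not an enumeration.
    evs.append({"pid": 1200, "image": r"C:\Windows\explorer.exe",
                "op": "RegQuery", "target": key + "7-Zip"})
    return evs


if __name__ == "__main__":
    for pid, image, rule, evidence in detect(sample_events()):
        print(f"{pid} {image}: {rule} ({len(evidence)} items)")
```

With the constructed events only the suspect process is reported, once per rule. Dropping the allowlist (`detect(events, allowlist=())`) also flags the inventory agent, which is the false positive the caveat above warns about; the threshold, not the allowlist, is what keeps Explorer's single lookup quiet.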