General
Target    335227c89aed3ce534e55b9ca82e02d953518ce7084eab2a527c6fb875856a2a
Size      405KB
Sample    211125-b4477ahch5
MD5       07e9eb1d92e8e60e446f38a727752ba1
SHA1      2ab1a55a1573fd5ff236df7c68ffcdc41354952b
SHA256    335227c89aed3ce534e55b9ca82e02d953518ce7084eab2a527c6fb875856a2a
SHA512    29bc5a2371880169ba79ae0ff0e07d00e7de4f3ae3639d5dcb048641d3ae43d7f5abb1d423c06ceb7407e129631543cbe2d885aa2a68184e24496b56d728794c
Static task
static1
Malware Config
Extracted
Family    redline
Botnet    Pubdate
C2        193.56.146.64:65441
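The extracted C2 is the indicator most worth pivoting on. As an added example, not part of the sandbox report or of the Triage tooling, the following Python hunts for it in Zeek conn.log records. Only the C2 host and port come from the report; the conn.log excerpt, its internal host addresses and the unrelated responder address are constructed for the demonstration.

```python
"""Hunt for the C2 extracted from this sample (193.56.146.64:65441) in Zeek
conn.log records.

Added example, not part of the sandbox report.  Only the C2 host and port
come from the report's extracted config; the conn.log excerpt below is
constructed for the demonstration.
"""
from __future__ import annotations

import ipaddress
from typing import Iterable, Iterator

C2_HOST = "193.56.146.64"   # from the report's Malware Config section
C2_PORT = 65441


def parse_zeek_tsv(lines: Iterable[str]) -> Iterator[dict[str, str]]:
    """Yield one dict per data record of a Zeek ASCII (tab-separated) log.

    Column names come from the '#fields' header, so the parser is not tied
    to one particular conn.log column order or Zeek version.
    """
    fields: list[str] | None = None
    for raw in lines:
        line = raw.rstrip("\n")
        if not line:
            continue
        if line.startswith("#fields\t"):
            fields = line.split("\t")[1:]
            continue
        if line.startswith("#"):
            continue  # #separator, #types, #open, #close, ...
        if fields is None:
            raise ValueError("data record before #fields header")
        values = line.split("\t")
        if len(values) != len(fields):
            raise ValueError(f"expected {len(fields)} columns, got {len(values)}")
        yield dict(zip(fields, values))


def c2_hits(
    lines: Iterable[str], host: str = C2_HOST, port: int | None = C2_PORT
) -> list[dict[str, str]]:
    """Return conn.log records whose responder is the C2 host (and port, if given).

    The port is part of the extracted config and differs between builds, so
    port=None widens the hunt to any connection toward the host, at the cost
    of more false positives if the address is shared hosting.
    """
    target = ipaddress.ip_address(host)
    hits: list[dict[str, str]] = []
    for rec in parse_zeek_tsv(lines):
        try:
            resp_h = ipaddress.ip_address(rec["id.resp_h"])
            resp_p = int(rec["id.resp_p"])
        except (KeyError, ValueError):
            continue  # record without a usable responder address/port
        if resp_h == target and (port is None or resp_p == port):
            hits.append(rec)
    return hits


# Constructed conn.log excerpt (not sandbox output): one TLS flow to an
# unrelated host, one flow to the extracted C2 host:port, and one to the same
# host on 443, which only matches when the port filter is dropped.
SAMPLE_CONN_LOG = """\
#separator \\x09
#set_separator\t,
#empty_field\t(empty)
#unset_field\t-
#path\tconn
#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tservice\tduration\torig_bytes\tresp_bytes\tconn_state
#types\ttime\tstring\taddr\tport\taddr\tport\tenum\tstring\tinterval\tcount\tcount\tstring
1637830001.123456\tCa1b2c3\t10.0.0.5\t49812\t203.0.113.10\t443\ttcp\tssl\t1.25\t812\t5120\tSF
1637830004.987654\tCd4e5f6\t10.0.0.5\t49813\t193.56.146.64\t65441\ttcp\t-\t30.5\t2048\t900\tSF
1637830009.000000\tCg7h8i9\t10.0.0.7\t49901\t193.56.146.64\t443\ttcp\tssl\t0.4\t300\t700\tSF
#close\t2021-11-25-10-00-00
""".splitlines()

if __name__ == "__main__":
    for rec in c2_hits(SAMPLE_CONN_LOG):
        print(f"{rec['ts']} {rec['id.orig_h']}:{rec['id.orig_p']} -> "
              f"{rec['id.resp_h']}:{rec['id.resp_p']} uid={rec['uid']}")
```

Matching on the parsed address and integer port rather than on the raw strings keeps the check correct when the log is in a different column order or carries the port padded by a downstream exporter; feeding a real conn.log is a matter of passing `open(path)` in place of the constructed list.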
Targets
Target    335227c89aed3ce534e55b9ca82e02d953518ce7084eab2a527c6fb875856a2a
Size      405KB
(MD5, SHA1, SHA256 and SHA512 as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload
Accesses cryptocurrency wallet files and directories, consistent with credential harvesting.

Checks installed software on the system
Looks up entries under the registry Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, where each installed product has a subkey carrying values such as DisplayName and DisplayVersion) to enumerate software on the system.
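The Uninstall-key walk described above is easy to state but awkward to detect, because Sysmon does not record registry reads. As an added example, not part of the report, the following Python assumes object-access auditing instead (a SACL on the Uninstall key, so that each read produces Windows Security event 4663) and alerts when a process outside an assumed allowlist reads many distinct Uninstall subkeys within a short window. The event records, their flat export format, the dropped-file path and the allowlist are all constructed assumptions.

```python
"""Flag processes that enumerate the registry Uninstall key, the behaviour the
report records under "Checks installed software on the system".

Added example, not part of the sandbox report.  Sysmon does not log registry
reads (its registry events cover key create/delete, value set and rename), so
this assumes object-access auditing: a SACL on the Uninstall key makes each
read produce a Windows Security event 4663.  The records are constructed, in a
flat "ts|id|pid=..|proc=..|obj=..|acc=.." export format assumed for the example.
"""
from __future__ import annotations

from collections import defaultdict
from dataclasses import dataclass

# Uninstall keys as written in the 4663 ObjectName field (\REGISTRY\MACHINE form).
UNINSTALL_KEYS = (
    r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
)
BENIGN_PROCESSES = {r"C:\Windows\System32\msiexec.exe"}  # assumed allowlist


@dataclass(frozen=True)
class Alert:
    pid: int
    process: str
    subkeys: int         # distinct Uninstall subkeys read inside one window
    span_seconds: float  # length of that window


def parse_record(line: str) -> tuple[float, int, str, str] | None:
    """(ts, pid, ProcessName, ObjectName) from one flat 4663 record, else None."""
    parts = line.rstrip("\n").split("|")
    if len(parts) != 6 or parts[1] != "4663":
        return None
    kv = dict(p.split("=", 1) for p in parts[2:] if "=" in p)
    try:
        return float(parts[0]), int(kv["pid"]), kv["proc"], kv["obj"]
    except (KeyError, ValueError):
        return None


def uninstall_subkey(obj: str) -> str | None:
    """Per-application subkey name if obj lies under an Uninstall key, else None.
    Opening the Uninstall key itself is routine and yields None; the walk across
    many child keys is what indicates enumeration."""
    up = obj.upper()
    for key in UNINSTALL_KEYS:
        prefix = key.upper() + "\\"
        if up.startswith(prefix):
            return obj[len(prefix):].split("\\", 1)[0]
    return None


def detect_uninstall_enumeration(lines: list[str], *, min_subkeys: int = 5,
                                 window_seconds: float = 10.0,
                                 allowlist: set[str] = BENIGN_PROCESSES) -> list[Alert]:
    """Alert on each non-allowlisted process that reads at least min_subkeys
    distinct Uninstall subkeys within some window_seconds interval."""
    allowed = {p.lower() for p in allowlist}
    per_proc: dict[tuple[int, str], list[tuple[float, str]]] = defaultdict(list)
    for line in lines:
        rec = parse_record(line)
        if rec is None or rec[2].lower() in allowed:
            continue
        ts, pid, proc, obj = rec
        sub = uninstall_subkey(obj)
        if sub is not None:
            per_proc[(pid, proc)].append((ts, sub.lower()))
    alerts: list[Alert] = []
    for (pid, proc), reads in per_proc.items():
        reads.sort()
        best, best_span, start = 0, 0.0, 0
        for end in range(len(reads)):  # sliding time window over sorted reads
            while reads[end][0] - reads[start][0] > window_seconds:
                start += 1
            distinct = len({sub for _, sub in reads[start:end + 1]})
            if distinct > best:
                best, best_span = distinct, reads[end][0] - reads[start][0]
        if best >= min_subkeys:
            alerts.append(Alert(pid, proc, best, round(best_span, 3)))
    return alerts


def _rec(ts: float, pid: int, proc: str, obj: str, acc: str = "Query key value") -> str:
    return f"{ts}|4663|pid={pid}|proc={proc}|obj={obj}|acc={acc}"


_UNINST = UNINSTALL_KEYS[0]
_APPS = ["7-Zip", "Google Chrome", "Microsoft Edge", "Mozilla Firefox",
         "Notepad++", "Python 3.9", "VLC media player", "Zoom"]
_DROPPED = r"C:\Users\victim\AppData\Local\Temp\build.exe"  # hypothetical path
# Constructed telemetry: the dropped binary walks every subkey in under a second,
# msiexec does the same but is allowlisted, explorer.exe reads a single subkey,
# and one 4624 logon record shows that non-4663 lines are skipped.
SAMPLE_EVENTS = (
    [_rec(1637830010.0, 5124, _DROPPED, _UNINST, "Enumerate sub-keys")]
    + [_rec(1637830010.1 + i / 10, 5124, _DROPPED, f"{_UNINST}\\{a}") for i, a in enumerate(_APPS)]
    + [_rec(1637830020.0 + i / 10, 2210, r"C:\Windows\System32\msiexec.exe", f"{_UNINST}\\{a}")
       for i, a in enumerate(_APPS)]
    + [_rec(1637830030.0, 3300, r"C:\Windows\explorer.exe", f"{_UNINST}\\7-Zip"),
       "1637830031.0|4624|pid=0|proc=-|obj=-|acc=-"]
)

if __name__ == "__main__":
    for a in detect_uninstall_enumeration(SAMPLE_EVENTS):
        print(f"pid {a.pid} {a.process}: {a.subkeys} Uninstall subkeys in {a.span_seconds}s")
```

The threshold and window are the tuning knobs: installers, inventory agents and Programs and Features all walk the same key, so in practice the allowlist grows from baseline data rather than being fixed up front, and the alert should be enriched with the process's parent and signing status before it pages anyone.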