General
Target: 565cae31f1bad686bd416c211c4bd3d6a7d7b7d304d022798ac7ec9b414c4171
Size: 405KB
Sample: 211125-cwyk4shdc5
MD5: 23389a317a0958c223cae603efa7a895
SHA1: c0c7fa9320267f10309d7790664909c14719123a
SHA256: 565cae31f1bad686bd416c211c4bd3d6a7d7b7d304d022798ac7ec9b414c4171
SHA512: 0ebe82a1709308216a2a8578dd1484b43be7dc04e303a3de9cb62f50c7b9522fb1b3ceb84e00d14ffd80831dce35ca21e793ee59bd0719e240ee0f049967a918
Static task: static1
Malware Config
Extracted: redline
Pubdate: 193.56.146.64:65441
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.