General
Target: 504153b32a6a675fb5e02539a80a2be682953b68efb6df4744d4b2eae49596b3
Size: 404KB
Sample: 211125-dx1brsebfq
MD5: 21907ceeeb3f9a8c672aa0d7ba570621
SHA1: c64811eff051f8fca978a9a5973c203bb9d42e77
SHA256: 504153b32a6a675fb5e02539a80a2be682953b68efb6df4744d4b2eae49596b3
SHA512: 255a7d8ccf8b5deb08867c1ea5b0220120e7da7bd040d1a7c83497f3d6790b4cd49c58610b9e426dde8c726e9553a12e86ec07d02b1c48aa66d7cb5eacc3453a
Static task: static1
Malware Config
Extracted: redline
Pubdate: 193.56.146.64:65441
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.