General
Target: e87ce6907c6ba2ace7be82f3d9b62e7dbde0a5230a8ddf439da8ed67201fd2ad
Size: 405KB
Sample: 211125-f59xaahfe6
MD5: a8b04e08153c2734fd480d39d1256712
SHA1: f5a5fb5682306b71b81631cf85d13af7179dd3b1
SHA256: e87ce6907c6ba2ace7be82f3d9b62e7dbde0a5230a8ddf439da8ed67201fd2ad
SHA512: 0dfe4e97676b0a3c9247aa7ecb9ec8487876ca8c3ca3cf7893b1286c0960d31e0467f6f635138acd701928832a31bde7ab6f85999566a4ed0b6b0254578b60bc
Static task: static1

Malware Config
Extracted: redline
Pubdate: 193.56.146.64:65441
Targets
Target: e87ce6907c6ba2ace7be82f3d9b62e7dbde0a5230a8ddf439da8ed67201fd2ad
Size: 405KB
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.