General
Target: 948ed5425a65db9fd388a36c25979c4abfe9db1383184b6067e3f393782563ae
Size: 405KB
Sample: 211125-jlv6kaeefj
MD5: 501d8aa4736be77318f9dcf126e44896
SHA1: 51d8d53fc605e599264daaf23b7442a3cab09e4d
SHA256: 948ed5425a65db9fd388a36c25979c4abfe9db1383184b6067e3f393782563ae
SHA512: 39f3d4a2fd9f0f7b7b72b5686770c48193e1e33f93c7fed69a146c8cb6465545294350ecaf72eabbe2960cdcc12284123f1a9caa49dd868c148befdba18f6a5f
Static task
static1
Malware Config
Extracted
redline
Pubdate
193.56.146.64:65441
Targets
Target: 948ed5425a65db9fd388a36c25979c4abfe9db1383184b6067e3f393782563ae
Size: 405KB
MD5: 501d8aa4736be77318f9dcf126e44896
SHA1: 51d8d53fc605e599264daaf23b7442a3cab09e4d
SHA256: 948ed5425a65db9fd388a36c25979c4abfe9db1383184b6067e3f393782563ae
SHA512: 39f3d4a2fd9f0f7b7b72b5686770c48193e1e33f93c7fed69a146c8cb6465545294350ecaf72eabbe2960cdcc12284123f1a9caa49dd868c148befdba18f6a5f
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.