General
Target: 9d7849002165a9a563f5a9deb2c343db1b8a8284bdae6ae5acb1620f123887c1
Size: 405KB
Sample: 211125-p89kcsaeh8
MD5: 244768856b09dcc52f014052aed37327
SHA1: 48df54c9277f6f42032bf94b775e98692b83a972
SHA256: 9d7849002165a9a563f5a9deb2c343db1b8a8284bdae6ae5acb1620f123887c1
SHA512: 16ec56565d12fb0b7271684a3e74d22bc4812054326a4abfbe075573d0240bfe0fc935cc8096591feb26c301a45e59a8660550b667f24669be6cd68deecad7b2
Static task: static1
Malware Config
Extracted family: redline
C2 (IP:port): 193.56.146.64:65441
Targets
9d7849002165a9a563f5a9deb2c343db1b8a8284bdae6ae5acb1620f123887c1 (405KB; the same file and hashes listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate installed software. On its own this is weak evidence, since installers and inventory agents read the same keys; it becomes meaningful when the same process also touches wallet files or contacts the extracted C2.
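The two behaviours above only become a useful detection when correlated per process. The following is an added example, not code from the sandbox report or from RedLine itself: a small Python correlator that takes host events (registry key access, file access, outbound connection) and flags a process that enumerates Uninstall keys and reads wallet files, or that connects to the C2 extracted above. The event schema, the wallet path markers, the process names and every event in SAMPLE_EVENTS are constructed assumptions; note that Sysmon does not log registry reads, so the registry events assume object-access auditing (for example Windows Security event 4663 with a SACL on the Uninstall key).

```python
"""Per-process correlation of the RedLine indicators listed above.

Added example with constructed input; not from the sandbox report.
Event dicts loosely mirror Sysmon/Windows audit fields:
  type: "registry" | "file" | "network"
  target: registry key or file path (registry/file events)
  dst_ip, dst_port: destination (network events)
"""
from collections import defaultdict

# Registry paths read when enumerating installed software (case-insensitive prefix match).
UNINSTALL_KEYS = (
    r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall",
)
# Substrings that identify wallet data on disk (assumed list, extend for your estate).
WALLET_MARKERS = ("wallet.dat", "\\Exodus\\", "\\Electrum\\", "\\Ethereum\\keystore")
# Endpoint taken from the extracted config above.
C2_ENDPOINTS = {("193.56.146.64", 65441)}


def classify_event(ev):
    """Map one event to an indicator name, or None when it matches nothing."""
    kind = ev.get("type")
    if kind == "registry":
        key = ev.get("target", "").lower()
        if any(key.startswith(k.lower()) for k in UNINSTALL_KEYS):
            return "enumerates_uninstall_keys"
    elif kind == "file":
        path = ev.get("target", "").lower()
        if any(m.lower() in path for m in WALLET_MARKERS):
            return "reads_wallet_files"
    elif kind == "network":
        if (ev.get("dst_ip"), ev.get("dst_port")) in C2_ENDPOINTS:
            return "connects_to_known_c2"
    return None


def score_processes(events):
    """Group indicators by process and decide which processes are suspicious.

    A process is flagged when it combines software enumeration with wallet
    access (the stealer profile), or when it talks to the known C2 at all.
    A single indicator alone is recorded but not flagged.
    """
    found = defaultdict(set)
    for ev in events:
        indicator = classify_event(ev)
        if indicator:
            found[(ev["pid"], ev["image"])].add(indicator)
    verdicts = {}
    for (pid, image), indicators in found.items():
        suspicious = "connects_to_known_c2" in indicators or (
            {"enumerates_uninstall_keys", "reads_wallet_files"} <= indicators
        )
        verdicts[pid] = {
            "image": image,
            "indicators": sorted(indicators),
            "suspicious": suspicious,
        }
    return verdicts


# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    # Benign: an installer checking whether a product is already present.
    {"pid": 2210, "image": r"C:\Users\u\Downloads\setup.exe", "type": "registry",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"},
    # Stealer-like: enumerates Uninstall, reads a wallet, contacts the C2.
    {"pid": 4120, "image": r"C:\Users\u\AppData\Local\Temp\update.exe", "type": "registry",
     "target": r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"},
    {"pid": 4120, "image": r"C:\Users\u\AppData\Local\Temp\update.exe", "type": "file",
     "target": r"C:\Users\u\AppData\Roaming\Exodus\exodus.wallet\seed.seco"},
    {"pid": 4120, "image": r"C:\Users\u\AppData\Local\Temp\update.exe", "type": "network",
     "dst_ip": "193.56.146.64", "dst_port": 65441},
    # Benign: the wallet application reading its own data.
    {"pid": 3001, "image": r"C:\Users\u\AppData\Local\exodus\Exodus.exe", "type": "file",
     "target": r"C:\Users\u\AppData\Roaming\Exodus\exodus.wallet\seed.seco"},
]


if __name__ == "__main__":
    for pid, verdict in score_processes(SAMPLE_EVENTS).items():
        flag = "SUSPICIOUS" if verdict["suspicious"] else "info"
        print(f"{flag:10} pid={pid} {verdict['image']} {verdict['indicators']}")
```

Run it as-is to see only pid 4120 flagged; the installer and the wallet application each produce one indicator and stay at informational level, which is the point of correlating per process rather than alerting on Uninstall-key reads alone.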