General
- Target: 7e6f0b28bf58fb70fc29e45383d9d89d8d2156a9b635b5b71729d93fa2330d73
- Size: 406KB
- Sample: 211125-qtkhcsfchn
- MD5: f5efee88a5f24d020ed54ea30109966b
- SHA1: 01c9e1a9ad403b8f5e02d18f531c980bd1c4ead5
- SHA256: 7e6f0b28bf58fb70fc29e45383d9d89d8d2156a9b635b5b71729d93fa2330d73
- SHA512: dc4d55dc4e6afa147e4ce3a8e26eceebc41197debdf63a6881b856ec7a75f0c936c0ebb0f77d0277330bad0a6a4ec068e339b7a2dd253db104305104945b26e4
Static task: static1
Malware Config
- Extracted: redline
- Pubdate: 193.56.146.64:65441
Targets
- Target: 7e6f0b28bf58fb70fc29e45383d9d89d8d2156a9b635b5b71729d93fa2330d73
- Size: 406KB
- MD5: f5efee88a5f24d020ed54ea30109966b
- SHA1: 01c9e1a9ad403b8f5e02d18f531c980bd1c4ead5
- SHA256: 7e6f0b28bf58fb70fc29e45383d9d89d8d2156a9b635b5b71729d93fa2330d73
- SHA512: dc4d55dc4e6afa147e4ce3a8e26eceebc41197debdf63a6881b856ec7a75f0c936c0ebb0f77d0277330bad0a6a4ec068e339b7a2dd253db104305104945b26e4
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.