General
Target: e12dcf4266cc6c1de18f55333489281ac5f24f54f019db2f76bf2dacff13779b
Size: 405KB
Sample: 211125-r5j7eafebm
MD5: b9ce2f317d551e6e33e3c8849fe63e81
SHA1: a56a82f46ece972140400ca5b1b1472768918615
SHA256: e12dcf4266cc6c1de18f55333489281ac5f24f54f019db2f76bf2dacff13779b
SHA512: 4fef80e180d7f8421902785d3ab34e2bc2e1fe9f94254349ed7e257670c7c1b0610e205d470fda202c57e3e46a522821dbae999bda720b73efa273ca8dec9547
Static task: static1
Malware Config
Extracted family: redline
C2 (host:port): 193.56.146.64:65441
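The hashes and the extracted C2 endpoint above are the indicators a responder would actually search for. The following Python is an added example, not part of the sandbox report: it computes the same four digests the report lists so that a suspect file can be matched on whichever digest a source provides, and it scans connection-log lines for the reported C2 host and port. The log lines are constructed for the example; the regex assumes a "host:port" or "host port" record layout, which is an assumption about the log format, not something the report states. Matching on the C2 IP alone is brittle because stealer infrastructure rotates, so the port is checked as well and the hashes remain the stronger indicator.

```python
"""IOC matcher built from the RedLine report's hashes and C2 endpoint."""
import hashlib
import re

# Indicators copied from the report above.
SAMPLE_HASHES = {
    "md5": "b9ce2f317d551e6e33e3c8849fe63e81",
    "sha1": "a56a82f46ece972140400ca5b1b1472768918615",
    "sha256": "e12dcf4266cc6c1de18f55333489281ac5f24f54f019db2f76bf2dacff13779b",
    "sha512": "4fef80e180d7f8421902785d3ab34e2bc2e1fe9f94254349ed7e257670c7c1b0"
              "610e205d470fda202c57e3e46a522821dbae999bda720b73efa273ca8dec9547",
}
C2_HOST = "193.56.146.64"
C2_PORT = 65441


def hash_bytes(data: bytes) -> dict:
    """Compute every digest the report lists, so any one of them can be matched."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matches_sample(data: bytes) -> bool:
    """True if any digest of `data` equals the corresponding reported digest."""
    digests = hash_bytes(data)
    return any(digests[name] == value for name, value in SAMPLE_HASHES.items())


# Assumed log layout: an IPv4 address followed by ':' or ' ' and a port.
# Surrounding text (timestamps, process names, arrows) is ignored.
_CONN_RE = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3})[: ](\d{1,5})\b")


def find_c2_hits(log_lines) -> list:
    """Return the log lines that record a connection to the reported C2 host:port."""
    hits = []
    for line in log_lines:
        for host, port in _CONN_RE.findall(line):
            if host == C2_HOST and int(port) == C2_PORT:
                hits.append(line)
                break
    return hits


# Constructed sample log lines for the example; not taken from the report.
SAMPLE_LOG = [
    "2021-11-25T10:00:01Z conn 10.0.0.5:51234 -> 142.250.74.78:443 proto=tcp",
    "2021-11-25T10:00:07Z conn 10.0.0.5:51240 -> 193.56.146.64:65441 proto=tcp",
    "2021-11-25T10:00:09Z conn 10.0.0.5:51241 -> 193.56.146.64:443 proto=tcp",
]

if __name__ == "__main__":
    # Any local file can be checked by passing its bytes to matches_sample().
    print("placeholder bytes match sample:", matches_sample(b"not the sample"))
    for hit in find_c2_hits(SAMPLE_LOG):
        print("C2 hit:", hit)
```

Only the line whose destination port is 65441 is reported as a hit; the third line, which goes to the same host on port 443, is deliberately not matched so that a shared or rotated address does not produce a false positive on its own.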
Targets
Target: e12dcf4266cc6c1de18f55333489281ac5f24f54f019db2f76bf2dacff13779b
Size: 405KB
MD5: b9ce2f317d551e6e33e3c8849fe63e81
SHA1: a56a82f46ece972140400ca5b1b1472768918615
SHA256: e12dcf4266cc6c1de18f55333489281ac5f24f54f019db2f76bf2dacff13779b
SHA512: 4fef80e180d7f8421902785d3ab34e2bc2e1fe9f94254349ed7e257670c7c1b0610e205d470fda202c57e3e46a522821dbae999bda720b73efa273ca8dec9547
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.