General
-
Target
a2b6c4286d9de9cded676840936ce2446a5244d5e415613404eae6430efc8c58
-
Size
404KB
-
Sample
211125-t1t7xsfgdn
-
MD5
22881f3c6d61c70b25ff28654b6961e5
-
SHA1
90d344108bb0ba41e068080443a4bd42c25bdf54
-
SHA256
a2b6c4286d9de9cded676840936ce2446a5244d5e415613404eae6430efc8c58
-
SHA512
aa57847eb66727fd72fd66ed5cfbeb46e14bdf1c03a17ed9fa9137d864de0aadd80036ef1d806e81b714ccfe0661d9e1831e3c4355b85ecf9523fedc6bf9d889
Static task
static1
Malware Config
Extracted
redline
udptest
193.56.146.64:65441
Targets
-
-
Target
a2b6c4286d9de9cded676840936ce2446a5244d5e415613404eae6430efc8c58
-
Size
404KB
-
MD5
22881f3c6d61c70b25ff28654b6961e5
-
SHA1
90d344108bb0ba41e068080443a4bd42c25bdf54
-
SHA256
a2b6c4286d9de9cded676840936ce2446a5244d5e415613404eae6430efc8c58
-
SHA512
aa57847eb66727fd72fd66ed5cfbeb46e14bdf1c03a17ed9fa9137d864de0aadd80036ef1d806e81b714ccfe0661d9e1831e3c4355b85ecf9523fedc6bf9d889
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-