General
-
Target
f1b59fa3cdf98bbe1008b0cd7bbff7be4d374e89ab484f81e4345e4f091e5749
-
Size
405KB
-
Sample
211125-t7tvqsfgfm
-
MD5
7c357e9c547247438791b26e75d615fd
-
SHA1
bac795f6f99e01b90cc3d58e6f2d57a958fbb0df
-
SHA256
f1b59fa3cdf98bbe1008b0cd7bbff7be4d374e89ab484f81e4345e4f091e5749
-
SHA512
c8c52406f387b72efbf67a787917695400cb5ad3f762b9ddcc3b21defd01268a1d98a60405c6e2de9c2451453f8f0877f938f487b91eb50e502da0012e05b898
Static task
static1
Malware Config
Extracted
redline
Pubdate
193.56.146.64:65441
Targets
-
-
Target
f1b59fa3cdf98bbe1008b0cd7bbff7be4d374e89ab484f81e4345e4f091e5749
-
Size
405KB
-
MD5
7c357e9c547247438791b26e75d615fd
-
SHA1
bac795f6f99e01b90cc3d58e6f2d57a958fbb0df
-
SHA256
f1b59fa3cdf98bbe1008b0cd7bbff7be4d374e89ab484f81e4345e4f091e5749
-
SHA512
c8c52406f387b72efbf67a787917695400cb5ad3f762b9ddcc3b21defd01268a1d98a60405c6e2de9c2451453f8f0877f938f487b91eb50e502da0012e05b898
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-