General
Target: 2f4a1f709d3f6c614e8c00354d07f6db46b212e8f0b6642088e8486c485a77ee
Size: 405KB
Sample: 211125-tbk8qabab3
MD5: c4e2a409716694697e4c9259a6445a0c
SHA1: cbfb930f783679d70c15f4e5c9bc78bc59b3b55b
SHA256: 2f4a1f709d3f6c614e8c00354d07f6db46b212e8f0b6642088e8486c485a77ee
SHA512: 7f042f532faa683710b16417050ab102d8f30a50a8ea4f01985fcb4fc2f51b8e8735601b953ba12e58030bdb6b3a0eb70ab27ce9c9dcc5c7865f93305b97c838

Static task
static1

Malware Config
Extracted
Family: redline
Botnet: udptest
C2: 193.56.146.64:65441
Targets
Target: 2f4a1f709d3f6c614e8c00354d07f6db46b212e8f0b6642088e8486c485a77ee (Size: 405KB)
Signatures:
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.