General
Target: ec6fc624bd609cdb94b1e7e0cc5381b4c7a3b6c1937e8bbb0f8981f1603bc21a
Size: 405KB
Sample: 211125-tf4wmabad2
MD5: 0e74883ac4f4024dec755c5d680ba44c
SHA1: fa9b1e2dce4b7666e9c382fe7c592cbdd11eda4c
SHA256: ec6fc624bd609cdb94b1e7e0cc5381b4c7a3b6c1937e8bbb0f8981f1603bc21a
SHA512: 0ddb28b853cba9576d3d4d36a50f215de9dee1efc081a0dde36cfc494b7f65f43e4c2d280a862400637fa874828c7cc76aa7f74733f38ae7dd9366c2b644d360
Static task: static1
Behavioral task: behavioral1
Sample: ec6fc624bd609cdb94b1e7e0cc5381b4c7a3b6c1937e8bbb0f8981f1603bc21a.exe
Resource: win10-en-20211104
Malware Config
Extracted
Family: redline
Botnet: SewPalpadin
C2: 185.215.113.29:26828
Targets
Target: ec6fc624bd609cdb94b1e7e0cc5381b4c7a3b6c1937e8bbb0f8981f1603bc21a
Size: 405KB
MD5: 0e74883ac4f4024dec755c5d680ba44c
SHA1: fa9b1e2dce4b7666e9c382fe7c592cbdd11eda4c
SHA256: ec6fc624bd609cdb94b1e7e0cc5381b4c7a3b6c1937e8bbb0f8981f1603bc21a
SHA512: 0ddb28b853cba9576d3d4d36a50f215de9dee1efc081a0dde36cfc494b7f65f43e4c2d280a862400637fa874828c7cc76aa7f74733f38ae7dd9366c2b644d360
Signatures
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node view and the HKCU equivalent) to enumerate software installed on the system.