General
Target: a89d925ae93dbf881fdbbd5a2e92a528f8568b8fb0dd4d75935068c45ee0e106
Size: 405KB
Sample: 211125-vytdaabcf8
MD5: 274db1fe6b77ff074e856027c27a7fb9
SHA1: f974029257496e38c1eebf2b9526bf459b002fc6
SHA256: a89d925ae93dbf881fdbbd5a2e92a528f8568b8fb0dd4d75935068c45ee0e106
SHA512: 697d6f699ebb517926440160f83f34c6622553ffd24828160ae57e1dced46755114bede49e7dedf287ec31f25c62156a57151d4fec6505bc873af845fea765a7

Static task: static1

Malware Config
Extracted: redline
Pubdate
193.56.146.64:65441
Targets
Target: a89d925ae93dbf881fdbbd5a2e92a528f8568b8fb0dd4d75935068c45ee0e106
Size: 405KB
(MD5, SHA1, SHA256 and SHA512 are identical to those listed under General.)

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.