General
Target: 2d090a2cf40c2b82288160ecce78416c10343100b21434a3bfc7b6167747682a
Size: 296KB
Sample: 211126-2v8gcsafa2
MD5: 235b56fb26d7ef2f0bfce5b521a0b99c
SHA1: d5deb3e56423a6865c543636dad0e4ef756eaa15
SHA256: 2d090a2cf40c2b82288160ecce78416c10343100b21434a3bfc7b6167747682a
SHA512: 1eb2a2968f7052311cf67c35d863847e5fda213c6ab827e3aa76ff23dcf8cc31c609feae45a0a446f064182bc44938f4407681a77c9a40a67ba87c4d11b11609
Static task: static1
Malware Config
Extracted: redline
Pubdate
193.56.146.64:65441
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.