General
Target: 381c84f8ba02753c7efd8b9968de460f4a8946678af9325d8636f4ddfb978d44
Size: 296KB
Sample: 211126-3rns8affcm
MD5: d3de4bdab8a047b2ed62861f181eb1c5
SHA1: 378302a5ceda7549b1c4effe0ecafbf2f46f571c
SHA256: 381c84f8ba02753c7efd8b9968de460f4a8946678af9325d8636f4ddfb978d44
SHA512: f7d5c8b23e141b49086ad56cd00283af0825307f32565b2d3d42fe4854cc3ec577cebbafb8d3a3272466b312ada0c23fe7a9c726878308d682a120e5be6ce741
Static task: static1

Malware Config
Extracted
Family: redline
Botnet: udptest
C2: 193.56.146.64:65441
Targets
Target: 381c84f8ba02753c7efd8b9968de460f4a8946678af9325d8636f4ddfb978d44
Size: 296KB
MD5: d3de4bdab8a047b2ed62861f181eb1c5
SHA1: 378302a5ceda7549b1c4effe0ecafbf2f46f571c
SHA256: 381c84f8ba02753c7efd8b9968de460f4a8946678af9325d8636f4ddfb978d44
SHA512: f7d5c8b23e141b49086ad56cd00283af0825307f32565b2d3d42fe4854cc3ec577cebbafb8d3a3272466b312ada0c23fe7a9c726878308d682a120e5be6ce741
Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.