General
-
Target
753d1d092f584fb4a560c4855996116974742f5dc8c6a9e85e3dce4c2ca13e11
-
Size
402KB
-
Sample
211126-af5clscfg2
-
MD5
bb6a4f98e1640e8e18d947b313fb955e
-
SHA1
63c64c59d1fd4383187721814e1adab4de6e285a
-
SHA256
753d1d092f584fb4a560c4855996116974742f5dc8c6a9e85e3dce4c2ca13e11
-
SHA512
d5f061590cb44bffd9c903b77a952b2f1dd883640c6f2a78544321abc648a79d21846d434da824a90f56bb0d0b197ff0fce0c22264d526ab6d44c847fc7e9777
Static task
static1
Malware Config
Extracted
redline
Pubdate
193.56.146.64:65441
Targets
-
-
Target
753d1d092f584fb4a560c4855996116974742f5dc8c6a9e85e3dce4c2ca13e11
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-