General

Target: d132b2211f01c0a28e67154591703985381d6b39ed0ee2eeca0634c615b8a50e
Size: 286KB
Sample: 211126-cr5hvshhhr
MD5: 75453b22458225f3b0c80ffd67459057
SHA1: a96bebd489e28518dd7bfd5f23d9241648b9bffd
SHA256: d132b2211f01c0a28e67154591703985381d6b39ed0ee2eeca0634c615b8a50e
SHA512: edf08531b0b1c6743412a6b086c04cb5cd8a8afe123405096bc3848b66fb2993a1089ce9ded79c170cc32c57bab5f5cf6b193da550fd8ef2907dee0960770b56
Static task: static1

Malware Config

Extracted:
redline
Updbdate
193.56.146.64:65441
Targets

Target: d132b2211f01c0a28e67154591703985381d6b39ed0ee2eeca0634c615b8a50e (size and hashes identical to the General section above)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.