General
Target: 49c0718d07d63a2942be468b3c5708b1372004871ac0b277d2b32eac5646e261
Size: 285KB
Sample: 211126-dddnnadch5
MD5: d4cab7d49b77026a837ff3346919fc59
SHA1: 05007da65931cfc62a27d3ccced56529b29986fb
SHA256: 49c0718d07d63a2942be468b3c5708b1372004871ac0b277d2b32eac5646e261
SHA512: b913e42665c61fed28cd85125beace5d9fd4b4294747afa93eb3d15ec5621d34e4f7fd723df21530aac7a1bcb1aaf0685014be771b4bbcba8c0ebd62b330b22b
Static task: static1

Malware Config
Extracted: redline
Pubdate: 193.56.146.64:65441
Targets
Target: 49c0718d07d63a2942be468b3c5708b1372004871ac0b277d2b32eac5646e261
Size: 285KB
MD5: d4cab7d49b77026a837ff3346919fc59
SHA1: 05007da65931cfc62a27d3ccced56529b29986fb
SHA256: 49c0718d07d63a2942be468b3c5708b1372004871ac0b277d2b32eac5646e261
SHA512: b913e42665c61fed28cd85125beace5d9fd4b4294747afa93eb3d15ec5621d34e4f7fd723df21530aac7a1bcb1aaf0685014be771b4bbcba8c0ebd62b330b22b
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.