General
Target: 1bbe608a959aff42db80221983688036d9a479b087af52e6993218e0619ad095
Size: 284KB
Sample: 211126-e546csadgj
MD5: c99e07389388d5b5233249b67a483f65
SHA1: e87b5da83bcb64e589dd6726b9cd0133034253a8
SHA256: 1bbe608a959aff42db80221983688036d9a479b087af52e6993218e0619ad095
SHA512: ae81049ac2ca3298619b0eeaad0fce87a1562e8ff3060b4037cb4b5c9a4dc25f3e7b04b0611a40318e05c5b816014dd1102ccbc0221f84351a491fe0019febea
Static task: static1
Malware Config
Extracted
redline
udptest
193.56.146.64:65441
Targets
Target: 1bbe608a959aff42db80221983688036d9a479b087af52e6993218e0619ad095
Size: 284KB
MD5: c99e07389388d5b5233249b67a483f65
SHA1: e87b5da83bcb64e589dd6726b9cd0133034253a8
SHA256: 1bbe608a959aff42db80221983688036d9a479b087af52e6993218e0619ad095
SHA512: ae81049ac2ca3298619b0eeaad0fce87a1562e8ff3060b4037cb4b5c9a4dc25f3e7b04b0611a40318e05c5b816014dd1102ccbc0221f84351a491fe0019febea
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.