General
Target: 5a0fad53ae6105f1717bf891046f93605a7789d99ae8b0307b24f735f169ef34
Size: 285KB
Sample: 211126-ed27padeg4
MD5: c5aadbf9144274bf61c5e43c41dfc0e1
SHA1: b76c9365049cf45a2114c761b12fb3c43cf0ccaf
SHA256: 5a0fad53ae6105f1717bf891046f93605a7789d99ae8b0307b24f735f169ef34
SHA512: 5e7218e0ae32e946ebe3fa7583fc274d5786e2ffb797ac195f08cd3a93c99decb59644a877f4c8938aeb49632b238253ad06f8c47deee7c2cc5b50ec9b53f0e3
Static task: static1
Malware Config
Extracted family: redline
Botnet ID: Updbdate
C2: 193.56.146.64:65441
Targets
Target: 5a0fad53ae6105f1717bf891046f93605a7789d99ae8b0307b24f735f169ef34 (285KB; MD5, SHA1, SHA256 and SHA512 as listed under General above)
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020.
RedLine Payload
The file matched the RedLine payload signature, which is what the extracted config above was pulled from.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry (the Uninstall keys under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion, and its WOW6432Node view on 64-bit Windows) to enumerate software on the system. Legitimate installers, inventory agents and the Programs and Features applet walk the same keys, so this indicator is weak on its own and should be weighed together with the wallet access and the C2 contact.
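The following is an added example, not tooling from the sandbox vendor and not RedLine's own code. It turns the report's indicators (the SHA256 and the C2 host:port) and its three behaviour signatures into an offline triage routine: per-process telemetry records are scored for walking the Uninstall registry keys, reading cryptocurrency wallet files, and contacting the extracted C2, and a process is flagged only when more than one behaviour is present, which is what keeps the Programs and Features applet from being flagged for the same registry walk. The record layout, the process image names and the wallet paths are assumptions made for the example.

```python
"""Offline triage helper built from the indicators in the report above.

Added example: this is not tooling from the sandbox vendor, nor RedLine code.
It scores constructed per-process telemetry records on the three behaviours
the report lists: walking the Uninstall registry keys to enumerate installed
software, touching cryptocurrency wallet files, and connecting to the
extracted C2.  The record layout, the process images and the wallet paths
are assumptions made for this example.
"""
import re
from collections import defaultdict

# Indicators copied from the report.
SAMPLE_SHA256 = "5a0fad53ae6105f1717bf891046f93605a7789d99ae8b0307b24f735f169ef34"
C2_ENDPOINT = ("193.56.146.64", 65441)

# Uninstall key roots: native view, WOW6432Node view (32-bit apps on x64) and per-user.
# Group 1 captures the per-application subkey so repeated opens of one app count once.
UNINSTALL_RE = re.compile(
    r"^HK(?:LM|CU)\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)",
    re.IGNORECASE,
)
# Wallet locations (assumption for the example): common desktop wallet data dirs
# under %APPDATA% and a Bitcoin Core style wallet.dat file.
WALLET_RE = re.compile(
    r"\\AppData\\Roaming\\(?:Electrum|Exodus|Ethereum|Armory|Jaxx)\\|\\wallet\.dat$",
    re.IGNORECASE,
)


def is_known_sample(sha256_hex):
    """True if a file hash equals the report's SHA256 (hex, any case)."""
    return sha256_hex.strip().lower() == SAMPLE_SHA256


def is_c2_contact(dst_ip, dst_port):
    """True if a connection goes to the extracted C2 host:port."""
    return (dst_ip, int(dst_port)) == C2_ENDPOINT


def triage(events, min_uninstall_subkeys=5):
    """Aggregate records per pid and score the three behaviours (0..3)."""
    acc = defaultdict(lambda: {"image": None, "subkeys": set(),
                               "wallet_paths": [], "c2_contact": False})
    for ev in events:
        p = acc[ev["pid"]]
        p["image"] = ev["image"]
        kind, target = ev["kind"], ev["target"]
        if kind == "reg_open":
            m = UNINSTALL_RE.match(target)
            if m:
                p["subkeys"].add(m.group(1).lower())
        elif kind == "file_read" and WALLET_RE.search(target):
            p["wallet_paths"].append(target)
        elif kind == "net_connect":
            ip, _, port = target.rpartition(":")
            if is_c2_contact(ip, port):
                p["c2_contact"] = True
    results = {}
    for pid, p in acc.items():
        n = len(p["subkeys"])
        score = (int(n >= min_uninstall_subkeys) + int(bool(p["wallet_paths"]))
                 + int(p["c2_contact"]))
        results[pid] = {"image": p["image"], "uninstall_subkeys": n,
                        "wallet_paths": p["wallet_paths"],
                        "c2_contact": p["c2_contact"], "score": score}
    return results


def flagged(events, threshold=2):
    """Pids whose score reaches the threshold; a single behaviour is not enough."""
    return sorted(pid for pid, r in triage(events).items() if r["score"] >= threshold)


# --- constructed telemetry (not from the sandbox run) --------------------------
_UNINST = "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\"
_APPS = ["7-Zip", "Google Chrome", "Mozilla Firefox 94.0 (x64 en-US)",
         "Notepad++", "Python 3.10.0 (64-bit)", "VLC media player"]
_STEALER = "C:\\Users\\victim\\Downloads\\invoice.exe"        # assumed image name
_CONTROL = "C:\\Windows\\System32\\control.exe"               # Programs and Features


def _ev(pid, image, kind, target):
    return {"pid": pid, "image": image, "kind": kind, "target": target}


SAMPLE_EVENTS = (
    [_ev(4120, _STEALER, "reg_open", _UNINST + a) for a in _APPS]
    + [_ev(4120, _STEALER, "file_read",
           "C:\\Users\\victim\\AppData\\Roaming\\Electrum\\wallets\\default_wallet"),
       _ev(4120, _STEALER, "net_connect", "193.56.146.64:65441")]
    # The legitimate Programs and Features applet walks the same keys, nothing else.
    + [_ev(3300, _CONTROL, "reg_open", _UNINST + a) for a in _APPS]
    # A service doing a single lookup and a browser talking to an unrelated host.
    + [_ev(880, "C:\\Windows\\System32\\svchost.exe", "reg_open", _UNINST + "7-Zip"),
       _ev(2200, "C:\\Program Files\\Mozilla Firefox\\firefox.exe", "net_connect",
           "203.0.113.10:443")]
)

if __name__ == "__main__":
    for pid, r in sorted(triage(SAMPLE_EVENTS).items()):
        print(pid, r["image"], "score", r["score"], "uninstall keys", r["uninstall_subkeys"])
    print("flagged:", flagged(SAMPLE_EVENTS))
```

Run stand-alone, the script flags only pid 4120: control.exe scores 1 for the identical registry walk and is left alone, which is the point of requiring two of the three behaviours before raising an alert. Feed it real EDR or ETW registry/file/network records by mapping them onto the same four fields.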