General
Target: 535acc6f8ae6b821454ff96ed9d4f0ed54eabd48df5879d270e410e6d69a00f2
Size: 285KB
Sample: 211126-ek1bnsacgm
MD5: 9dfc9173b94a9e9002ac17d54e8a0495
SHA1: 52fcdc312466d3d4ac6c15deee20b6985ed2960d
SHA256: 535acc6f8ae6b821454ff96ed9d4f0ed54eabd48df5879d270e410e6d69a00f2
SHA512: bb0818b7469421264bd4078238e4840df1de348bae66a19f0c03de71fc9b4c6a61b52869d55a51ebec41e2665efc326803d8ac40ef311f4fe5fccbfbddffe72f

Static task
static1

Malware Config
Extracted: redline
Pubdate
193.56.146.64:65441 (C2 endpoint, IP:port)

Targets
535acc6f8ae6b821454ff96ed9d4f0ed54eabd48df5879d270e410e6d69a00f2 (285KB; MD5/SHA1/SHA256/SHA512 as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate software on the system.
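Added example, not part of the sandbox report and not RedLine's own code: detection logic that applies the two behaviours flagged above (bulk enumeration of Uninstall subkeys, and access to cryptocurrency wallet artifacts) to endpoint telemetry. Everything below is assumed for illustration: the pipe-separated event format, the sample log lines (constructed, not captured from this sample), the threshold of 8 distinct Uninstall subkeys within 5 seconds, and the list of wallet path patterns.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample telemetry for this example; none of these lines come from the
# sandbox report. Assumed format: timestamp|pid|image|event|target
SAMPLE_EVENTS = r"""
2021-11-26T10:00:00|1100|C:\Windows\explorer.exe|RegOpenKey|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
2021-11-26T10:00:00|1100|C:\Windows\explorer.exe|FileOpen|C:\Users\victim\Documents\notes.txt
2021-11-26T10:00:01|4120|C:\Users\victim\AppData\Local\Temp\sample.exe|RegOpenKey|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
2021-11-26T10:00:01|4120|C:\Users\victim\AppData\Local\Temp\sample.exe|RegOpenKey|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
2021-11-26T10:00:01|4120|C:\Users\victim\AppData\Local\Temp\sample.exe|RegOpenKey|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 94.0
2021-11-26T10:00:01|4120|C:\Users\victim\AppData\Local\Temp\sample.exe|RegOpenKey|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge
2021-11-26T10:00:02|4120|C:\Users\victim\AppData\Local\Temp\sample.exe|RegOpenKey|HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++
2021-11-26T10:00:02|4120|C:\Users\victim\AppData\Local\Temp\sample.exe|RegOpenKey|HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player
2021-11-26T10:00:02|4120|C:\Users\victim\AppData\Local\Temp\sample.exe|RegOpenKey|HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Discord
2021-11-26T10:00:02|4120|C:\Users\victim\AppData\Local\Temp\sample.exe|RegOpenKey|HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam
2021-11-26T10:00:03|4120|C:\Users\victim\AppData\Local\Temp\sample.exe|FileOpen|C:\Users\victim\AppData\Roaming\Exodus\exodus.wallet\seed.seco
"""

# Matches a subkey directly under ...\CurrentVersion\Uninstall (both native and WOW6432Node views).
UNINSTALL_RE = re.compile(r"\\CurrentVersion\\Uninstall\\([^\\]+)$", re.IGNORECASE)
# Assumed wallet artifact patterns; illustrative, not a statement of what this sample reads.
WALLET_RE = re.compile(
    r"(wallet\.dat$|\\Exodus\\|\\Electrum\\wallets\\|\\Ethereum\\keystore\\|\\atomic\\Local Storage\\)",
    re.IGNORECASE,
)


def parse_events(text):
    """Parse the pipe-separated telemetry into dicts with a real datetime."""
    events = []
    for line in text.strip().splitlines():
        ts, pid, image, event, target = line.split("|", 4)
        events.append({"ts": datetime.fromisoformat(ts), "pid": int(pid),
                       "image": image, "event": event, "target": target})
    return events


def find_uninstall_enumeration(events, min_keys=8, window_seconds=5):
    """Flag a process that opens >= min_keys distinct Uninstall subkeys inside a sliding window.

    One or two Uninstall lookups are normal (installers, shell); dozens in a burst is inventory.
    Returns {pid: {"image": ..., "distinct_keys": max distinct subkeys seen in any window}}.
    """
    per_pid = defaultdict(list)
    for e in events:
        m = UNINSTALL_RE.search(e["target"])
        if m and e["event"].startswith("Reg"):
            per_pid[e["pid"]].append((e["ts"], m.group(1).lower(), e["image"]))
    hits = {}
    window = timedelta(seconds=window_seconds)
    for pid, rows in per_pid.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            while rows[end][0] - rows[start][0] > window:
                start += 1
            distinct = {sub for _, sub, _ in rows[start:end + 1]}
            if len(distinct) >= min_keys and len(distinct) > hits.get(pid, {}).get("distinct_keys", 0):
                hits[pid] = {"image": rows[end][2], "distinct_keys": len(distinct)}
    return hits


def find_wallet_access(events):
    """Return (pid, image, target) for every file event touching an assumed wallet artifact path."""
    return [(e["pid"], e["image"], e["target"]) for e in events
            if e["event"].startswith("File") and WALLET_RE.search(e["target"])]


def detect(text):
    """Combine both detections into {pid: {"image": ..., "reasons": [...]}}."""
    events = parse_events(text)
    suspicious = {}
    for pid, info in find_uninstall_enumeration(events).items():
        suspicious.setdefault(pid, {"image": info["image"], "reasons": []})
        suspicious[pid]["reasons"].append(f"enumerated {info['distinct_keys']} Uninstall subkeys")
    for pid, image, target in find_wallet_access(events):
        suspicious.setdefault(pid, {"image": image, "reasons": []})
        suspicious[pid]["reasons"].append(f"accessed wallet artifact {target}")
    return suspicious


if __name__ == "__main__":
    for pid, info in detect(SAMPLE_EVENTS).items():
        print(pid, info["image"])
        for reason in info["reasons"]:
            print("   ", reason)
```

Tune `min_keys` and `window_seconds` against your own baseline: a software inventory agent or `msiexec` will also walk these keys, so the image path and parent process should feed into the final verdict rather than the burst count alone.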