General
- Target: 36fb9d552c8a8fb1eb24b9d661f8621d3c914f601d35a7a49bc6f6232e704685
- Size: 284KB
- Sample: 211126-fxxxraaehp
- MD5: 7d6e46e259df165181d514ba4c392d47
- SHA1: 96008f61456ded1d83be5db294ca47fb5bcbcbe6
- SHA256: 36fb9d552c8a8fb1eb24b9d661f8621d3c914f601d35a7a49bc6f6232e704685
- SHA512: 82bd6fb0a26c66ade42a06ff4b99cb1b1ec5101262fa045c90f459a29337a36860976350f5631a524b320ea721fb746dcd3accc81832f67f234fc0f05e75659b
Static task: static1
Malware Config
Extracted:
- redline
- udptest
- 193.56.146.64:65441
Targets
- Target: 36fb9d552c8a8fb1eb24b9d661f8621d3c914f601d35a7a49bc6f6232e704685 (284KB; same MD5/SHA1/SHA256/SHA512 as listed under General)
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.