General
Target: cea4b827597e1c3259a36fb51c9878b8713912767755d3f7dd2954e840afb382
Size: 285KB
Sample: 211126-hnxxhaeca4
MD5: ecd9ed57dfd66f68ebdbdf9668009f54
SHA1: 14787ff0986c26aa2e212b0a0a3cbcc340218a57
SHA256: cea4b827597e1c3259a36fb51c9878b8713912767755d3f7dd2954e840afb382
SHA512: 218cd64ee3bfa6a5e882373e40480aa666042dee9a5bf0ba8df45745082e4e5f6129ea3f6e5edee42382ed1af1ce3e47020ac8da7ff46e37000a7170bfa1e963
Static task: static1
Malware Config
Extracted
Family: redline
Pubdate: 193.56.146.64:65441
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.