General
-
Target
2d4e1413baa2255985e1f0cd9be352a8eff8669798384cae583911780d3c0cea
-
Size
285KB
-
Sample
211126-jm45vsbber
-
MD5
fac6974bf28b1670ce97cef9511ec695
-
SHA1
4571f4125528476ba9b03d741b8e0dea8f4db002
-
SHA256
2d4e1413baa2255985e1f0cd9be352a8eff8669798384cae583911780d3c0cea
-
SHA512
221e2bc412317b724ecea50231aa7b8766f3e5bcc78a4e1c5d9c21edc5fd64d8ec43ec4c9f825003903aaf5eb5a3e6a6218a0163f2fa69e198d83182db2446c4
Static task
static1
Malware Config
Extracted
redline
Pubdate
193.56.146.64:65441
Targets
-
-
Target
2d4e1413baa2255985e1f0cd9be352a8eff8669798384cae583911780d3c0cea
-
Size
285KB
-
MD5
fac6974bf28b1670ce97cef9511ec695
-
SHA1
4571f4125528476ba9b03d741b8e0dea8f4db002
-
SHA256
2d4e1413baa2255985e1f0cd9be352a8eff8669798384cae583911780d3c0cea
-
SHA512
221e2bc412317b724ecea50231aa7b8766f3e5bcc78a4e1c5d9c21edc5fd64d8ec43ec4c9f825003903aaf5eb5a3e6a6218a0163f2fa69e198d83182db2446c4
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-