General

Target: ad578cd082369ae6c15e9b3af4030cbc2075bb672674dd4d3c022530824faaad
Size: 285KB
Sample: 211126-k6nsnabdhq
MD5: 4b65a0c6087ea23bfae649371d5780c6
SHA1: 8822ff06d6c295dcb2a6dc06c157d23ddee1ba73
SHA256: ad578cd082369ae6c15e9b3af4030cbc2075bb672674dd4d3c022530824faaad
SHA512: 93ab721ec0f30697e3055c960f561dbf5f28d62c6a3a403f9934b3b3d5395c0a6ec0dfe00d707ef5d0ef6a496ac20e0400a62e197a714ad27918ef89bb06700c
Static task: static1
Malware Config (extracted)

Family: redline
Botnet: udptest
C2: 193.56.146.64:65441
Targets

Target: ad578cd082369ae6c15e9b3af4030cbc2075bb672674dd4d3c022530824faaad (285KB; hashes as listed under General)
Signatures

RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.