General
Target: 56224d0c460bd2705f5cfbc4341a956758c58c07a18c0bd6062a7afe28d434e5
Size: 285KB
Sample: 211126-kaqx5seec4
MD5: 10abc8f02171d97784f3ea8e0102e256
SHA1: 0b09150bae31a219964461df63504a50bdab3423
SHA256: 56224d0c460bd2705f5cfbc4341a956758c58c07a18c0bd6062a7afe28d434e5
SHA512: 608d854fa32bdfa742f244503aabc0f4cee1e516a79935115a5e66fe65bea5e594466240ec90bc3b1b0e68530308c8a7ddf97d13921656ce44aa0f1c604f38e9
Static task: static1
Malware Config
Extracted: redline
Pubdate: 193.56.146.64:65441
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.