General
Target: 303954c65deed517704593f7952331342ecb2c7fb4ea8a324a28e9f98f1fc365
Size: 285KB
Sample: 211126-p1w93accgr
MD5: 99a6c182a862ccf9f4ff6dc0e4c422fa
SHA1: 7d77b64bc80dcfb87271bc11cf5556275eec8f63
SHA256: 303954c65deed517704593f7952331342ecb2c7fb4ea8a324a28e9f98f1fc365
SHA512: 08f53c8303d5550aef9e53a3d05852daad641d64df19282b1642cc42dd3888c20c575cbb51ec56b52a90da64931e340721f2f61380bc2e68de8035af9a0b6b39
Static task: static1
Malware Config (extracted): redline, Updbdate, 193.56.146.64:65441
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.