General
- Target: c3414acc4016de81ae2981303eae97d2e23e4f016df3e6d51e5eaab1dd4a13e0
- Size: 285KB
- Sample: 211126-pgf4qsccal
- MD5: 3440344d0595d979897164efdcfeaaee
- SHA1: 8e670bd57aafab86daf6c0751266debe7a534647
- SHA256: c3414acc4016de81ae2981303eae97d2e23e4f016df3e6d51e5eaab1dd4a13e0
- SHA512: 5b4116097ab92f8476a389403cd4b3374fef1dbdbdbd04653a59c4038a3036c3d3d2b48c4772efe8ca0ed1410d09b913a7f523684bb2711c78f04998c27ef19a
Static task
- static1
Malware Config
- Extracted: redline
- Pubdate: 193.56.146.64:65441
Targets
- Target: c3414acc4016de81ae2981303eae97d2e23e4f016df3e6d51e5eaab1dd4a13e0 (285KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.