General
Target: ea7aaed308998c40cd686a16c797ee101a77ea79508eb3980afdf4a6e1ef8b65
Size: 284KB
Sample: 211126-qjsqzsceam
MD5: e1a8956b8a367638e3ae2fc3bb02c524
SHA1: b6f759c9228cdf8a00363319b38d4407db3a1274
SHA256: ea7aaed308998c40cd686a16c797ee101a77ea79508eb3980afdf4a6e1ef8b65
SHA512: bb85432bdd9b9820133ff52c62444a97e81c6cc3838b08dbbbb21d5b285d9042a604a36ba4460ca49f8c6ee68857ff4315d5bc1da0b3389a716fdfed8b825170

Static task: static1

Malware Config
Extracted: redline
udptest
193.56.146.64:65441
Targets
Target: ea7aaed308998c40cd686a16c797ee101a77ea79508eb3980afdf4a6e1ef8b65
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.