General
- Target: fb7d2f56e612a0cdd5c39008804b8e6c941402da9d365371173b994fd38cbcfe
- Size: 286KB
- Sample: 211126-qle8nsfgg5
- MD5: 57ebf940186307221ce6bcf9ae666870
- SHA1: 6957bf919d243a87386572d76fbfc36b826be35d
- SHA256: fb7d2f56e612a0cdd5c39008804b8e6c941402da9d365371173b994fd38cbcfe
- SHA512: 4874056051cf2bcc35fb0ece44f1732c46b0975bf918aac67ed84b672f292e597ae05132a61875dd93afbd9c2a463925359575d134a97904f6e36c3b6498f1ed
Static task: static1
Malware Config
- Extracted: redline
- Pubdate
- 193.56.146.64:65441
Targets
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.