General

Target: 12cd48721582c41c4526698e45f1c756a62b242b98257ca9a52ceeca77c0f098
Size: 286KB
Sample: 211126-qmba4sfgh2
MD5: 4fc57b39e998d8c1b035bc8c90a25e73
SHA1: bd1e6da2a61085c7e61e57182edcc5263a1cb760
SHA256: 12cd48721582c41c4526698e45f1c756a62b242b98257ca9a52ceeca77c0f098
SHA512: 79ffe56ab858d8e6f6cd084e0000b7296e3bf63b9707c523a7fc07e1447278ae018f4c65ec2473428825b6258939b651d89a8166fa1d34fadd1d557af6ae04cb
Static task: static1

Malware Config
Extracted
Family: redline
Botnet: Updbdate
C2: 193.56.146.64:65441
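The report exposes two kinds of indicator: the sample's file hashes and the extracted RedLine C2 endpoint (193.56.146.64:65441). The script below is an added example, not part of the sandbox report, showing how a responder would turn those indicators into a check over existing telemetry. The firewall and EDR log lines are constructed for the example, and the key=value log format is an assumption; only the hashes and the C2 host:port come from the report.

```python
"""IOC matcher for the verdict above (added example, not part of the report).

Takes the indicators the report exposes (sample hashes and the extracted
RedLine C2 endpoint) and checks them against constructed log lines.
"""
import re
from dataclasses import dataclass

# Indicators copied from the report above.
IOC_HASHES = {
    "md5": "4fc57b39e998d8c1b035bc8c90a25e73",
    "sha1": "bd1e6da2a61085c7e61e57182edcc5263a1cb760",
    "sha256": "12cd48721582c41c4526698e45f1c756a62b242b98257ca9a52ceeca77c0f098",
}
C2_HOST, C2_PORT = "193.56.146.64", 65441

# Constructed sample logs (not real telemetry): key=value firewall lines and
# EDR process-launch lines carrying a file hash. The format is an assumption.
NETWORK_LOG = """\
2021-11-26T10:01:02Z action=allow src=10.0.0.15 dst=142.250.74.78 dport=443 proto=tcp
2021-11-26T10:01:09Z action=allow src=10.0.0.15 dst=193.56.146.64 dport=65441 proto=tcp
2021-11-26T10:02:44Z action=allow src=10.0.0.22 dst=193.56.146.64 dport=443 proto=tcp
2021-11-26T10:03:10Z action=deny src=10.0.0.15 dst=193.56.146.64 dport=65441 proto=tcp
"""

EDR_LOG = """\
host=WS-015 user=alice image=C:\\Users\\alice\\Downloads\\setup.exe sha256=12CD48721582C41C4526698E45F1C756A62B242B98257CA9A52CEECA77C0F098
host=WS-022 user=bob image=C:\\Windows\\System32\\notepad.exe md5=d41d8cd98f00b204e9800998ecf8427e
host=WS-031 user=carol image=C:\\Temp\\update.exe sha1=bd1e6da2a61085c7e61e57182edcc5263a1cb760
"""

KV = re.compile(r"(\w+)=(\S+)")


def parse_kv(line):
    """Split a key=value log line into a dict (tokens without '=' are ignored)."""
    return dict(KV.findall(line))


@dataclass(frozen=True)
class Hit:
    kind: str    # which indicator matched
    detail: str  # the matched value
    line: str    # the offending log line


def match_network(log):
    """Flag flows to the extracted C2. Exact host:port is the strong match;
    the same host on another port is reported separately as weaker evidence,
    since the config only tells us one endpoint. Denied flows still count:
    a blocked beacon is still an infected host."""
    hits = []
    for line in log.splitlines():
        f = parse_kv(line)
        if f.get("dst") != C2_HOST:
            continue
        if int(f.get("dport", 0)) == C2_PORT:
            hits.append(Hit("c2_exact", f"{C2_HOST}:{C2_PORT}", line))
        else:
            hits.append(Hit("c2_host_only", f"{C2_HOST}:{f.get('dport')}", line))
    return hits


def match_hashes(log):
    """Flag file/process events whose hash equals one of the sample's hashes.
    Comparison is case-insensitive because EDR products differ in casing."""
    hits = []
    for line in log.splitlines():
        f = parse_kv(line)
        for algo, value in IOC_HASHES.items():
            if f.get(algo, "").lower() == value:
                hits.append(Hit(f"hash_{algo}", value, line))
    return hits


def scan(network_log=NETWORK_LOG, edr_log=EDR_LOG):
    """Run both matchers and return every hit."""
    return match_network(network_log) + match_hashes(edr_log)


if __name__ == "__main__":
    for h in scan():
        print(f"[{h.kind}] {h.detail} <- {h.line}")
```

The host-only match is deliberately kept as a separate, weaker class: the extracted config gives one port, but the same server may host other builds, so a flow to that address on a different port is worth triaging without being treated as a confirmed beacon.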
Targets

Target: 12cd48721582c41c4526698e45f1c756a62b242b98257ca9a52ceeca77c0f098
Size: 286KB
MD5: 4fc57b39e998d8c1b035bc8c90a25e73
SHA1: bd1e6da2a61085c7e61e57182edcc5263a1cb760
SHA256: 12cd48721582c41c4526698e45f1c756a62b242b98257ca9a52ceeca77c0f098
SHA512: 79ffe56ab858d8e6f6cd084e0000b7296e3bf63b9707c523a7fc07e1447278ae018f4c65ec2473428825b6258939b651d89a8166fa1d34fadd1d557af6ae04cb
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry (the per-product subkeys under SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, plus the Wow6432Node variant on 64-bit Windows) to enumerate the software installed on the host.