General
Target: fe986ed3b0c0b0774c34d3b0ffd5aff281185b610fe5cf1a102544767378f707
Size: 286KB
Sample: 211126-rsa3zachbq
MD5: cc9c5ad03b23ab115ba1c2aacb8e37d2
SHA1: b9cbcd97ee30aecd70395b3a9c2d399c12f84381
SHA256: fe986ed3b0c0b0774c34d3b0ffd5aff281185b610fe5cf1a102544767378f707
SHA512: c7aab23905ed7f1e20f8474e1ca10a849c9835961dc435bb4edc234aefa252098745c3648583568618f13cbcc95b274ec68171e423a5334da030e525ac1228f2
Static task
static1

Malware Config
Extracted
Family: redline
Botnet ID: udptest
C2: 193.56.146.64:65441
Targets
Target: fe986ed3b0c0b0774c34d3b0ffd5aff281185b610fe5cf1a102544767378f707
Size: 286KB
(hashes as listed under General above)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
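The report gives three things a responder can pivot on: the sample hashes, the extracted C2 endpoint, and the installed-software enumeration via the registry Uninstall key. The script below is an added example, not part of the sandbox report or of any RedLine tooling; it turns those into a small hunt over endpoint telemetry. The pipe-delimited event format, the sample event lines, the process names and the threshold of three distinct Uninstall subkeys are all constructed assumptions; only the hashes and the C2 address come from the report.

```python
"""Hunt for the RedLine indicators from this report in endpoint telemetry.

Added example, not part of the sandbox report. The event lines and their
pipe-delimited format (kind|pid|image|detail) are constructed for illustration;
adapt parse_events() to your Sysmon/EDR export.
"""
import hashlib
import re

# Indicators taken from the report above.
IOC_MD5 = "cc9c5ad03b23ab115ba1c2aacb8e37d2"
IOC_SHA1 = "b9cbcd97ee30aecd70395b3a9c2d399c12f84381"
IOC_SHA256 = "fe986ed3b0c0b0774c34d3b0ffd5aff281185b610fe5cf1a102544767378f707"
IOC_C2 = ("193.56.146.64", 65441)

# Registry path the report says RedLine reads to enumerate installed software.
# Both the native and the WOW6432Node view are covered.
UNINSTALL_KEY_RE = re.compile(
    r"HKLM\\SOFTWARE\\(WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\",
    re.IGNORECASE,
)

# Constructed telemetry (assumption): kind|pid|image|detail
SAMPLE_EVENTS = """\
reg|4120|C:\\Users\\victim\\Downloads\\invoice.exe|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip
reg|4120|C:\\Users\\victim\\Downloads\\invoice.exe|HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Google Chrome
reg|4120|C:\\Users\\victim\\Downloads\\invoice.exe|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Mozilla Firefox
reg|4120|C:\\Users\\victim\\Downloads\\invoice.exe|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VLC
net|4120|C:\\Users\\victim\\Downloads\\invoice.exe|193.56.146.64:65441
reg|988|C:\\Windows\\System32\\svchost.exe|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run
net|2210|C:\\Program Files\\Mozilla Firefox\\firefox.exe|142.250.74.78:443
"""


def hashes_of(data):
    """Digest a file's bytes with the same algorithms the report lists."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def hash_hits(hashes):
    """Return the set of algorithms whose digest matches the report's sample."""
    known = {"md5": IOC_MD5, "sha1": IOC_SHA1, "sha256": IOC_SHA256}
    return {algo for algo, digest in hashes.items() if known.get(algo) == digest.lower()}


def parse_events(text):
    """Yield (kind, pid, image, detail) from the pipe-delimited lines."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        kind, pid, image, detail = line.split("|", 3)
        yield kind, int(pid), image, detail


def hunt(text, min_uninstall_keys=3):
    """Return findings as (rule, pid, image, detail) tuples.

    min_uninstall_keys is a tuning assumption: installers and inventory agents
    also read Uninstall, but one process sweeping many subkeys is the
    enumeration behaviour the report describes, so count distinct subkeys
    per process rather than alerting on a single read.
    """
    findings = []
    uninstall_reads = {}  # (pid, image) -> set of Uninstall subkeys touched
    for kind, pid, image, detail in parse_events(text):
        if kind == "reg" and UNINSTALL_KEY_RE.match(detail):
            uninstall_reads.setdefault((pid, image), set()).add(detail)
        elif kind == "net":
            host, _, port = detail.rpartition(":")  # IPv4:port only in this toy format
            if (host, int(port)) == IOC_C2:
                findings.append(("redline_c2_connection", pid, image, detail))
    for (pid, image), keys in uninstall_reads.items():
        if len(keys) >= min_uninstall_keys:
            findings.append(("installed_software_enumeration", pid, image,
                             f"{len(keys)} Uninstall subkeys read"))
    return findings


if __name__ == "__main__":
    for finding in hunt(SAMPLE_EVENTS):
        print(*finding, sep="  ")
    # Hash check against bytes that are not the sample: expect no hits.
    print(hash_hits(hashes_of(b"constructed data, not the sample")))
```

The C2 match is a point-in-time indicator; the IP:port pair in an extracted RedLine config changes between builds, so the behavioural rule (many Uninstall subkeys read by a freshly dropped binary) is the one worth keeping once this address goes stale. Feed `hashes_of()` the bytes of a suspect file to check it against the report's digests.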