General
Target: 383971455530fac2251144f82ae6d5570540bede72a53ed0a8ac032a59d14262
Size: 294KB
Sample: 211126-s6a6kadcbq
MD5: 41b7892c969701a32bccb9a2023ec468
SHA1: 3e9573db1d52c9f9b48b3d1b3dd0f0d2bf6bf9b1
SHA256: 383971455530fac2251144f82ae6d5570540bede72a53ed0a8ac032a59d14262
SHA512: 9186d1697d8c594adc05ac77666559efa6c6ca0f5a4ec086455cb5a45147775791b891241a250824bcfe0d668b70d99801fd9f0e0892fdfb5d34b61c37af79b4
Static task: static1
Malware Config
Extracted: redline
Pubdate: 193.56.146.64:65441
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.