General
Target: d1f94547b42904bc6ba1812d42db9db9d223ecfb7aa63c7e53d469093bccec67
Size: 295KB
Sample: 211126-ssp3kagdh5
MD5: c190f9ee0fbcaa6b4710e20a16f73036
SHA1: 577ebc7f27f46a619820b679df5804a3791ca18f
SHA256: d1f94547b42904bc6ba1812d42db9db9d223ecfb7aa63c7e53d469093bccec67
SHA512: 6c855385ff626755915952faf147970a2d24fb7581219edff9827226b0612bf1e7a9493456d1335903e798b682526df181792753675b4720e519a258417a9523
Static task
static1
Malware Config
Extracted
redline
Pubdate
193.56.146.64:65441
Targets
Target
d1f94547b42904bc6ba1812d42db9db9d223ecfb7aa63c7e53d469093bccec67
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.