General

Target: 6f2e0ba809d915ac14d418225fcd04b61d83f9c068c98725024c7af982009570
Size: 295KB
Sample: 211126-tbwdpadcfk
MD5: 46dc4b3105e3d8bcd558c9f881d1c452
SHA1: 7c2ca97e4fd73eee616a980cebeb296a7dde4e42
SHA256: 6f2e0ba809d915ac14d418225fcd04b61d83f9c068c98725024c7af982009570
SHA512: 0c1d42d730f16f0220a0a0e38f9ef313b0b2f60c509d107eb93ea2c43f1691051d41c5e97466d886294c87fe19f313ad893e8ef45b0c538e7ebc19697ba85dd1
Static task: static1

Malware Config

Extracted configuration
Family: redline
Botnet: Updbdate
C2: 193.56.146.64:65441
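The extracted C2 endpoint is the most directly actionable indicator in this report: any host that has talked to it should be treated as infected. The following added example (not part of the sandbox output) matches that indicator against connection logs. The log lines and their "timestamp src -> dst:port action" layout are constructed for illustration; only the IP and port come from the report.

```python
"""Match the RedLine C2 endpoint from the extracted config against
firewall/proxy-style connection logs.

Added example, not part of the sandbox report. Log lines below are
constructed and their field layout is an assumption.
"""
import ipaddress
import re

# Indicator taken from the report's extracted config: (ip, port).
REDLINE_C2 = {("193.56.146.64", 65441)}

# Constructed log lines in an assumed "ts src -> dst:port action" layout.
SAMPLE_LOG = """\
2021-11-26T10:01:03Z 10.0.0.15 -> 142.250.74.36:443 allow
2021-11-26T10:01:09Z 10.0.0.15 -> 193.56.146.64:65441 allow
2021-11-26T10:01:10Z 10.0.0.22 -> 193.56.146.64:443 allow
2021-11-26T10:02:41Z 10.0.0.15 -> 193.56.146.64:65441 deny
2021-11-26T10:03:00Z 10.0.0.31 -> 10.0.0.1:53 allow
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\d+\.\d+\.\d+\.\d+)\s+->\s+"
    r"(?P<dst>\d+\.\d+\.\d+\.\d+):(?P<port>\d+)\s+(?P<action>\w+)$"
)


def parse_line(line):
    """Parse one log line into a dict, or None if it does not fit the layout."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ev = m.groupdict()
    ev["port"] = int(ev["port"])
    return ev


def c2_hits(lines, indicators=REDLINE_C2, ip_only=False):
    """Return events whose destination matches an indicator.

    With ip_only=True any port to the C2 host counts: RedLine operators move
    ports between builds, so the address is the more durable indicator.
    Denied connections are kept on purpose: a blocked beacon still means the
    source host ran the stealer.
    """
    hits = []
    for ev in map(parse_line, lines):
        if ev is None:
            continue
        for ip, port in indicators:
            if ev["dst"] == ip and (ip_only or ev["port"] == port):
                hits.append(ev)
                break
    return hits


def high_port_egress(lines, min_port=49152):
    """Heuristic companion check: egress to a public address on a port in
    the dynamic range (49152-65535), which is where this C2 listens. Not
    RedLine-specific and noisy on P2P hosts; use it to widen a hunt, not
    as a standalone alert."""
    return [
        ev for ev in map(parse_line, lines)
        if ev is not None
        and ev["port"] >= min_port
        and ipaddress.ip_address(ev["dst"]).is_global
    ]


if __name__ == "__main__":
    for ev in c2_hits(SAMPLE_LOG.splitlines()):
        print(f'{ev["ts"]} {ev["src"]} -> {ev["dst"]}:{ev["port"]} ({ev["action"]})')
```

Run exact matching first to identify infected hosts, then rerun with ip_only=True and the high-port heuristic to catch builds using the same server on a different port.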
Targets

Target: 6f2e0ba809d915ac14d418225fcd04b61d83f9c068c98725024c7af982009570 (the submitted file; size and MD5/SHA1/SHA256/SHA512 are identical to those listed under General above)
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020 and sold to affiliates as a subscription service. It harvests browser-saved credentials, cookies and autofill data, cryptocurrency wallet files and credentials from installed applications, and sends them to the configured C2.

RedLine Payload
The RedLine stealer payload was identified in this sample.

Accesses cryptocurrency files/wallets, possible credential harvesting
Reads files and directories belonging to cryptocurrency wallets, consistent with wallet theft and credential harvesting.

Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node view and the HKCU counterpart) to enumerate the software installed on the system. Legitimate installers and inventory agents read the same keys, so on its own this behaviour is a weak signal; it is a stealer's way of profiling the victim.
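The installed-software check described above is a behaviour, not a file indicator, so it is found in host telemetry rather than by hash. The following added example (not part of the sandbox report) flags processes that walk many distinct entries under the Uninstall keys while allow-listing images expected to do so. The event lines and their "pid|image|operation|key" layout are constructed; in practice the input would be a sandbox API trace or a registry ETW feed.

```python
"""Flag processes that enumerate the registry Uninstall keys.

Added example, not sandbox output. Event lines are constructed and the
"pid|image|operation|key" layout is an assumption standing in for a
sandbox API trace or a registry ETW provider.
"""
import re
from collections import defaultdict

# Keys under which installed software registers itself: the native and
# WOW6432Node (32-bit) views under HKLM, plus per-user installs under HKCU.
UNINSTALL_RE = re.compile(
    r"^(?:HKLM|HKEY_LOCAL_MACHINE|HKCU|HKEY_CURRENT_USER)\\SOFTWARE\\"
    r"(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\"
    r"(?P<subkey>[^\\]+)",
    re.IGNORECASE,
)

# Images expected to walk these keys (installer service; add inventory agents).
BENIGN_IMAGES = {r"c:\windows\system32\msiexec.exe"}

# Constructed events: one unknown binary sweeping five entries across all
# three views, explorer touching one entry, msiexec (allow-listed) touching four.
SAMPLE_EVENTS = r"""
4120|C:\Users\user\AppData\Local\Temp\sample.exe|RegOpenKey|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000001}
4120|C:\Users\user\AppData\Local\Temp\sample.exe|RegQueryValue|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000001}\DisplayName
4120|C:\Users\user\AppData\Local\Temp\sample.exe|RegOpenKey|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000002}
4120|C:\Users\user\AppData\Local\Temp\sample.exe|RegOpenKey|HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000003}
4120|C:\Users\user\AppData\Local\Temp\sample.exe|RegOpenKey|HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000004}
4120|C:\Users\user\AppData\Local\Temp\sample.exe|RegOpenKey|HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000005}
4120|C:\Users\user\AppData\Local\Temp\sample.exe|RegOpenKey|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
1844|C:\Windows\explorer.exe|RegOpenKey|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000001}
2280|C:\Windows\System32\msiexec.exe|RegOpenKey|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000001}
2280|C:\Windows\System32\msiexec.exe|RegOpenKey|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000002}
2280|C:\Windows\System32\msiexec.exe|RegOpenKey|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000003}
2280|C:\Windows\System32\msiexec.exe|RegOpenKey|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000004}
"""


def parse_event(line):
    """Parse "pid|image|operation|key" into a tuple, or None if malformed."""
    parts = line.strip().split("|", 3)
    if len(parts) != 4 or not parts[0].isdigit():
        return None
    pid, image, op, key = parts
    return int(pid), image, op, key


def uninstall_subkeys_by_process(lines):
    """Map (pid, image) -> set of distinct Uninstall entries it touched.
    A value read under an entry counts towards that entry, not separately."""
    seen = defaultdict(set)
    for ev in map(parse_event, lines):
        if ev is None:
            continue
        pid, image, _op, key = ev
        m = UNINSTALL_RE.match(key)
        if m:
            seen[(pid, image)].add(m.group("subkey").lower())
    return seen


def enumerating_processes(lines, threshold=3):
    """Non-allow-listed processes touching >= threshold distinct entries.
    One or two lookups is normal (an app checking for a dependency); a sweep
    over many entries is the software inventory the signature describes."""
    flagged = []
    for (pid, image), subkeys in uninstall_subkeys_by_process(lines).items():
        if image.lower() in BENIGN_IMAGES:
            continue
        if len(subkeys) >= threshold:
            flagged.append((pid, image, len(subkeys)))
    return sorted(flagged)


if __name__ == "__main__":
    for pid, image, n in enumerating_processes(SAMPLE_EVENTS.splitlines()):
        print(f"pid {pid} {image}: {n} distinct Uninstall entries")
```

Tune the threshold and allow-list to the environment: inventory agents will legitimately read every entry, while a stealer running from a user-writable path such as %TEMP% doing the same is the combination worth alerting on.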