General
Target: 323782194ef9b9dbd5e03c414e6df42b1a347fd133801c7a9cde8ae51a73122b
Size: 297KB
Sample: 211126-vtn8rsdfhq
MD5: 15a0f976bfa4b89daaa0750dd193304d
SHA1: 8614e79685c50149119a7f47ad171564c64f1223
SHA256: 323782194ef9b9dbd5e03c414e6df42b1a347fd133801c7a9cde8ae51a73122b
SHA512: e73dadcb8f8187709dea9521e71c1183c194b223c96e60cdfefdf68f172bf5bc26a6a531508c3b88c9cd003e668416c367cc6e0f37c4dc71486310808e821ce6
Static task: static1

Malware Config
Extracted: redline
udptest
193.56.146.64:65441
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system (looks up Uninstall key entries in the registry to enumerate software on the system)