General
- Target: c939bf838b1f193eee5a45fc71ee9e496d55207032013db4d7afe2d313e30ac4
- Size: 296KB
- Sample: 211126-x74lqaheh7
- MD5: d00e3939030d8b7c88b002a318852839
- SHA1: 543b15c5a95451698f11c0b506df0e05447c261e
- SHA256: c939bf838b1f193eee5a45fc71ee9e496d55207032013db4d7afe2d313e30ac4
- SHA512: c29f096edb72fdfd451defa8f5742f7bbfa6ec99c11fdde5e59c09665f94de5fc9d5ee55f7a1b577d952fae54efbb8840a350f82d15c7aaba1f5c391e672ffca
Static task: static1
Malware Config
Extracted
- Family: redline
- Botnet: Updbdate
- C2: 193.56.146.64:65441
Targets
- Target: c939bf838b1f193eee5a45fc71ee9e496d55207032013db4d7afe2d313e30ac4 (296KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.