General
- Target: 0957fd4249446eadf4f34289f0e213ad913e5e4a54e6350e1b11cdf128cce993
- Size: 296KB
- Sample: 211126-xcj9lahcc6
- MD5: c017acee09d52383d2a09f3d667664e1
- SHA1: 0d2790b7281cfcaec75d265037d0e32cc5d3c2e2
- SHA256: 0957fd4249446eadf4f34289f0e213ad913e5e4a54e6350e1b11cdf128cce993
- SHA512: 825a1f3aee27b5e65ebab4bb199492e3a3f5215669b8ec2c1855a9e32ecd0e1d1df45529e002f03132f548b734b43c7224284d2ed32d310e939f184a99d91d92

Static task
- static1

Malware Config
- Extracted: redline
- Botnet: Updbdate
- C2: 193.56.146.64:65441

Targets
- Target: 0957fd4249446eadf4f34289f0e213ad913e5e4a54e6350e1b11cdf128cce993 (296KB; MD5, SHA1, SHA256 and SHA512 as listed under General)

Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.