General

Target: 07225de05278325c96d5c63416d152855b12e12d3ec6f22747a50a2d09dcea19
Size: 296KB
Sample: 211126-yvcg5sefbm
MD5: 4bca228bcc460bfe08e72b8d2f6d4fd9
SHA1: 396c5171c3ad44ca7a4b0f982c93acfea67865c7
SHA256: 07225de05278325c96d5c63416d152855b12e12d3ec6f22747a50a2d09dcea19
SHA512: 387cb99dca193be915a836b6346311282a6d576592855f5d9e95fa01b06c64fbbf1a340721f7bf8823c7a727293b950a8a4663ed66a2d7e6803e9363fe27d7f0
Static task: static1
Malware Config

Extracted
Family: redline
Botnet: udptest
C2: 193.56.146.64:65441
Targets

Target: 07225de05278325c96d5c63416d152855b12e12d3ec6f22747a50a2d09dcea19 (296KB; same MD5, SHA1, SHA256 and SHA512 as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.