General
-
Target
f5dbd92402e50ddc31699a33d130cc61018901dbe62794e5310c3b7f790697c5
-
Size
269KB
-
Sample
211126-z3lapafabl
-
MD5
3027e6b31592dfb4db23c03a4f72af56
-
SHA1
9887b0955e97d4b4cbb0fe896a544744ac5cf8fc
-
SHA256
f5dbd92402e50ddc31699a33d130cc61018901dbe62794e5310c3b7f790697c5
-
SHA512
7ca37f9bf44530c824fa2698c62a9b49dbf2b008e479e55262722a7f167b10327b248559c39d30788b2d43e2563eaeb809480b24104bb8c6c9a3d3bcbc32628d
Static task
static1
Malware Config
Extracted
redline
udptest
193.56.146.64:65441
Targets
-
-
Target
f5dbd92402e50ddc31699a33d130cc61018901dbe62794e5310c3b7f790697c5
-
Size
269KB
-
MD5
3027e6b31592dfb4db23c03a4f72af56
-
SHA1
9887b0955e97d4b4cbb0fe896a544744ac5cf8fc
-
SHA256
f5dbd92402e50ddc31699a33d130cc61018901dbe62794e5310c3b7f790697c5
-
SHA512
7ca37f9bf44530c824fa2698c62a9b49dbf2b008e479e55262722a7f167b10327b248559c39d30788b2d43e2563eaeb809480b24104bb8c6c9a3d3bcbc32628d
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-