General
Target: 40aa3fcf655461b06b455da0d032fcb8f2a5666aa1edb5a6aa214c4ecf2bd13a
Size: 393KB
Sample: 211127-a63lpsbaf2
MD5: 75b261ee6bb1d8a17d2046771545fa64
SHA1: f48256f6cf3f977f7e886ef56f963a4f340ae5a9
SHA256: 40aa3fcf655461b06b455da0d032fcb8f2a5666aa1edb5a6aa214c4ecf2bd13a
SHA512: 047d0f8551e06da3fe1c3e7e76186963ce400fe6f035179e5f807d475ca365d794032637d7c1b52229b407f2471816073caacb20c8763589e9c36bc7fe2ef9bb
Static task: static1

Malware Config
Extracted family: redline
Botnet: Pubdate
C2: 193.56.146.64:65441
Targets
Target: 40aa3fcf655461b06b455da0d032fcb8f2a5666aa1edb5a6aa214c4ecf2bd13a
Size: 393KB
MD5: 75b261ee6bb1d8a17d2046771545fa64
SHA1: f48256f6cf3f977f7e886ef56f963a4f340ae5a9
SHA256: 40aa3fcf655461b06b455da0d032fcb8f2a5666aa1edb5a6aa214c4ecf2bd13a
SHA512: 047d0f8551e06da3fe1c3e7e76186963ce400fe6f035179e5f807d475ca365d794032637d7c1b52229b407f2471816073caacb20c8763589e9c36bc7fe2ef9bb

Signatures
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software installed on the system.