General
Target: c8f9667dd8cba912a2cfd07e17ecece88bbb39460e1f00beee3854d5172dedb1
Size: 393KB
Sample: 211127-a9lscsfhej
MD5: 9e723b80857ade34c1bf7bcf1006bf96
SHA1: 174bd2bfda8560b2c7f2bff1a035b284bdfa101c
SHA256: c8f9667dd8cba912a2cfd07e17ecece88bbb39460e1f00beee3854d5172dedb1
SHA512: b17c29ea85ade9960298d9b00b4bc6031ce98751ef594f308cb38ab18c41869bda5d8af097ac1d18dea7b48674150c8240570adebe670b3333c661406590d87a
Static task: static1

Malware Config (extracted)
Family: redline
Botnet ID: Updbdate
C2: 193.56.146.64:65441
Targets
Target: c8f9667dd8cba912a2cfd07e17ecece88bbb39460e1f00beee3854d5172dedb1
Size: 393KB
MD5: 9e723b80857ade34c1bf7bcf1006bf96
SHA1: 174bd2bfda8560b2c7f2bff1a035b284bdfa101c
SHA256: c8f9667dd8cba912a2cfd07e17ecece88bbb39460e1f00beee3854d5172dedb1
SHA512: b17c29ea85ade9960298d9b00b4bc6031ce98751ef594f308cb38ab18c41869bda5d8af097ac1d18dea7b48674150c8240570adebe670b3333c661406590d87a
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node view and the HKCU equivalent) to enumerate the software installed on the host. A single lookup under this key is normal for installers and updaters; the stealer behaviour is a sweep across many subkeys by a process that also contacts the C2 above.
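Added example, not part of the sandbox report or of the RedLine code: a small Python detection helper built from the indicators above (the three file hashes, the extracted C2 193.56.146.64:65441, and the Uninstall-key enumeration signature). The event lines it scans are constructed for the example in an assumed pipe-delimited format (timestamp|kind|image|target), not a real Sysmon or sandbox export, and the enumeration threshold is an assumption a deployment would tune.

```python
import hashlib
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional

# Indicators taken from the report above.
SAMPLE_HASHES = {
    "md5": "9e723b80857ade34c1bf7bcf1006bf96",
    "sha1": "174bd2bfda8560b2c7f2bff1a035b284bdfa101c",
    "sha256": "c8f9667dd8cba912a2cfd07e17ecece88bbb39460e1f00beee3854d5172dedb1",
}
C2_HOST = "193.56.146.64"
C2_PORT = 65441
# Substring shared by the HKLM, HKCU and WOW6432Node views of the Uninstall key.
UNINSTALL_MARKER = r"\CurrentVersion\Uninstall"


def classify_digest(hexdigest: str) -> Optional[str]:
    """Return the algorithm name if hexdigest is one of the sample's hashes, else None."""
    hexdigest = hexdigest.strip().lower()
    for alg, known in SAMPLE_HASHES.items():
        if hexdigest == known:
            return alg
    return None


def hash_matches(data: bytes) -> dict:
    """Hash data with each listed algorithm and report which digests match the sample."""
    return {alg: hashlib.new(alg, data).hexdigest() == known
            for alg, known in SAMPLE_HASHES.items()}


@dataclass
class Event:
    ts: str
    kind: str    # "NetworkConnect" or "RegistryQuery" (constructed event types)
    image: str   # path of the process that produced the event
    target: str  # "host:port" for network events, registry key path for registry events


def parse_event(line: str) -> Event:
    """Parse one line of the constructed pipe-delimited event format (assumed, not Sysmon)."""
    ts, kind, image, target = line.rstrip("\n").split("|", 3)
    return Event(ts, kind, image, target)


def scan_events(lines, enum_threshold: int = 3):
    """Flag C2 contact, bulk Uninstall-key enumeration, and both from one process.

    One Uninstall lookup is normal for installers, so enumeration is reported only
    once a process has queried at least enum_threshold distinct subkeys.
    """
    uninstall_subkeys = defaultdict(set)  # image -> Uninstall subkeys it queried
    c2_images = set()
    alerts = []
    for ev in map(parse_event, lines):
        if ev.kind == "NetworkConnect" and ev.target == f"{C2_HOST}:{C2_PORT}":
            c2_images.add(ev.image)
            alerts.append(("redline_c2", ev.image, ev.target))
        elif ev.kind == "RegistryQuery":
            idx = ev.target.upper().find(UNINSTALL_MARKER.upper())
            if idx != -1:
                subkey = ev.target[idx + len(UNINSTALL_MARKER):].lstrip("\\")
                uninstall_subkeys[ev.image].add(subkey)
    for image, subkeys in uninstall_subkeys.items():
        if len(subkeys) >= enum_threshold:
            alerts.append(("uninstall_enum", image, f"{len(subkeys)} subkeys"))
            if image in c2_images:
                alerts.append(("redline_behaviour", image,
                               "software enumeration and C2 contact from the same process"))
    return alerts


# Constructed events for the example; not taken from the sandbox run.
SAMPLE_EVENTS = [
    r"2021-11-27T10:00:01Z|RegistryQuery|C:\Users\user\Desktop\sample.exe|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip",
    r"2021-11-27T10:00:01Z|RegistryQuery|C:\Users\user\Desktop\sample.exe|HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome",
    r"2021-11-27T10:00:01Z|RegistryQuery|C:\Users\user\Desktop\sample.exe|HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++",
    r"2021-11-27T10:00:02Z|NetworkConnect|C:\Users\user\Desktop\sample.exe|193.56.146.64:65441",
    r"2021-11-27T10:00:03Z|RegistryQuery|C:\Windows\System32\msiexec.exe|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip",
    r"2021-11-27T10:00:04Z|NetworkConnect|C:\Program Files\Mozilla Firefox\firefox.exe|198.51.100.7:443",
]

if __name__ == "__main__":
    for alert in scan_events(SAMPLE_EVENTS):
        print(alert)
```

Only sample.exe trips the rules: msiexec.exe reads a single Uninstall subkey and stays below the threshold, and the Firefox connection is to an unrelated address. The hash helpers are for triaging files retrieved from hosts that raised the behavioural alerts.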