General
-
Target
2dbbd767c018dd54ef40b7f492f8c17d6c4da2a22594f259228a56dea9d482f9
-
Size
393KB
-
Sample
211127-a9p5sabag3
-
MD5
7a6551e337544c28c90513e35d0aac7a
-
SHA1
9c175ad76c96e47fd14f03ad91584004a7d64528
-
SHA256
2dbbd767c018dd54ef40b7f492f8c17d6c4da2a22594f259228a56dea9d482f9
-
SHA512
ea5ebe6e340abb7ab54ac5c05a4f9f12107729d69457eabc25fcd0a3e940c4446176d1e94bd3ae11ff96d074c1147d95f0c9779b1ec5f7c63f5258661672eae2
Static task
static1
Malware Config
Extracted
Family: redline
Botnet: udptest
C2: 193.56.146.64:65441
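The extracted configuration above is the most actionable part of this report: it gives the C2 endpoint to hunt for and the botnet tag to pivot on. The following Python is an added example, not part of the sandbox report or the RedLine family itself. It parses the three extracted fields, validates the C2 as host:port, turns it into a Suricata rule and a connection-log hunt, and checks a file against the report's hashes. Assumptions: the config lines appear in the order family, botnet tag, C2 (as on this page, with or without labels); the C2 channel is TCP; the conn-log lines and the Suricata SID are constructed for the demonstration.

```python
"""Triage helpers built from the RedLine config and hashes in this report.
Added example; assumes the config field order family, botnet, C2 and a TCP C2."""
import hashlib
import ipaddress
import re
from dataclasses import dataclass

# Digests copied from the report above.
REPORT_HASHES = {
    "md5": "7a6551e337544c28c90513e35d0aac7a",
    "sha1": "9c175ad76c96e47fd14f03ad91584004a7d64528",
    "sha256": "2dbbd767c018dd54ef40b7f492f8c17d6c4da2a22594f259228a56dea9d482f9",
}
# The extracted config block as it appears on the page (labels optional).
REPORT_CONFIG = "redline\nudptest\n193.56.146.64:65441\n"


@dataclass(frozen=True)
class RedLineConfig:
    family: str
    botnet: str
    c2_host: str
    c2_port: int


def parse_config(text: str) -> RedLineConfig:
    """Parse the extracted block: family, botnet tag, C2 host:port."""
    lines = [re.sub(r"^(?:family|botnet|c2)\s*:\s*", "", l.strip(), flags=re.I)
             for l in text.splitlines() if l.strip()]
    if len(lines) != 3:
        raise ValueError(f"expected family, botnet and C2 lines, got {lines}")
    family, botnet, c2 = lines
    host, _, port = c2.rpartition(":")          # rpartition tolerates IPv6-style hosts
    if not port.isdigit() or not 0 < int(port) < 65536:
        raise ValueError(f"bad C2 port in {c2!r}")
    ipaddress.ip_address(host)                  # raises ValueError if not an IP literal
    return RedLineConfig(family, botnet, host, int(port))


def file_hashes(data: bytes) -> dict:
    """MD5, SHA-1 and SHA-256 of a candidate sample."""
    return {a: hashlib.new(a, data).hexdigest() for a in ("md5", "sha1", "sha256")}


def matches_report(data: bytes, expected=REPORT_HASHES) -> bool:
    """Require every digest to agree; an MD5 match alone is weak evidence."""
    got = file_hashes(data)
    return all(got[a] == expected[a] for a in expected)


def suricata_rule(cfg: RedLineConfig, sid: int) -> str:
    """Alert on any outbound TCP connection to the C2 endpoint (sid is hypothetical)."""
    return (f'alert tcp $HOME_NET any -> {cfg.c2_host} {cfg.c2_port} '
            f'(msg:"{cfg.family} C2 ({cfg.botnet})"; flow:to_server; '
            f'sid:{sid}; rev:1;)')


# Constructed Zeek conn.log-style lines (ts uid src sport dst dport proto); not real traffic.
SAMPLE_CONN_LOG = """\
1637981000.1 CAbc1 10.0.0.5 51001 193.56.146.64 65441 tcp
1637981001.2 CAbc2 10.0.0.5 51002 93.184.216.34 443 tcp
1637981002.3 CAbc3 10.0.0.7 51003 193.56.146.64 80 tcp
"""


def hunt_connections(conn_log: str, cfg: RedLineConfig) -> list:
    """Return (src_ip, uid) for flows that reached the C2 host on the config port."""
    hits = []
    for line in conn_log.splitlines():
        fields = line.split()
        if len(fields) < 7:
            continue
        _ts, uid, src, _sport, dst, dport, proto = fields[:7]
        if dst == cfg.c2_host and dport == str(cfg.c2_port) and proto == "tcp":
            hits.append((src, uid))
    return hits


if __name__ == "__main__":
    cfg = parse_config(REPORT_CONFIG)
    print(suricata_rule(cfg, 9000001))
    print(hunt_connections(SAMPLE_CONN_LOG, cfg))
```

The third constructed flow goes to the same host on port 80 and is deliberately not matched: the hunt keys on the exact host:port from the config, so widen it to host-only if the operator's C2 port is known to rotate.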
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Reads the Uninstall key entries under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (and the WOW6432Node equivalent) to enumerate software installed on the system.
-