General
Target: df9830be403604eee36ae55caad7daa2ebc58b9e351d7306efc8bf5e8fb16e32
Size: 296KB
Sample: 211127-acantsahc6
MD5: 0f0af80ab5f8cfb3e88f7cffda98240f
SHA1: 78625c05c055571cea13c82871a3dc7660ca825e
SHA256: df9830be403604eee36ae55caad7daa2ebc58b9e351d7306efc8bf5e8fb16e32
SHA512: 85dbfe7ffa3e909b937f6fb432230467bf2057c1b821789b890b1ca8514c65e7f38457251158095beec0fe2d2c61a79561d8bd6adb70bf4a17260de47764cf4a
Static task: static1
Malware Config
Extracted (from the static analysis of the sample; the fields below are the family tag, the botnet/campaign identifier embedded in the binary, and the hard-coded C2 host:port it reports to)
Family: redline
Botnet: Updbdate
C2: 193.56.146.64:65441
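The extracted config gives a hard-coded C2 host:port and the General section gives the file hashes, which together are the indicators a responder would sweep for. The script below is an added example, not part of the sandbox output and not RedLine's own code; it matches those indicators against a constructed Zeek conn.log excerpt (made-up records, not real traffic) and compares arbitrary file bytes against the listed digests. RedLine stores the C2 as a fixed host:port pair, so the default match is strict on both, with an optional looser host-only hunt.

```python
"""Sweep for the RedLine IOCs in this report. Example code added to the page;
the log records below are constructed for the demo and are not real traffic."""
import hashlib

# C2 and file hashes copied from the report above.
C2_HOST = "193.56.146.64"
C2_PORT = 65441
KNOWN_HASHES = {
    "md5": "0f0af80ab5f8cfb3e88f7cffda98240f",
    "sha1": "78625c05c055571cea13c82871a3dc7660ca825e",
    "sha256": "df9830be403604eee36ae55caad7daa2ebc58b9e351d7306efc8bf5e8fb16e32",
}

# Constructed Zeek conn.log excerpt (tab-separated; the first seven default
# fields: ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto).
# UIDs, internal hosts and timestamps are made up.
CONN_LOG = """\
#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto
1637990001.123\tCk3Z9a1\t10.0.0.15\t49812\t142.250.74.78\t443\ttcp
1637990003.456\tCk3Z9a2\t10.0.0.15\t49813\t193.56.146.64\t65441\ttcp
1637990004.789\tCk3Z9a3\t10.0.0.22\t51000\t193.56.146.64\t80\ttcp
1637990009.000\tCk3Z9a4\t10.0.0.15\t49814\t193.56.146.64\t65441\ttcp
"""


def parse_conn_log(text):
    """Yield one dict per data row of a conn.log-style text, skipping '#' header lines."""
    names = ("ts", "uid", "orig_h", "orig_p", "resp_h", "resp_p", "proto")
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) < len(names):
            continue  # truncated record; ignore rather than misparse
        rec = dict(zip(names, fields))
        rec["orig_p"] = int(rec["orig_p"])
        rec["resp_p"] = int(rec["resp_p"])
        yield rec


def find_c2_connections(text, host=C2_HOST, port=C2_PORT):
    """Return records whose responder is the C2.

    RedLine carries the C2 as a fixed host:port pair, so the default match is
    strict on both. Pass port=None to also catch traffic to the same host on
    other ports (a looser, noisier hunt for related infrastructure)."""
    return [
        rec for rec in parse_conn_log(text)
        if rec["resp_h"] == host and (port is None or rec["resp_p"] == port)
    ]


def hash_file_bytes(data):
    """Compute the three digests the report lists so a file can be compared."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def is_known_sample(data):
    """True if any digest of data equals the corresponding hash from the report."""
    digests = hash_file_bytes(data)
    return any(digests[algo] == known for algo, known in KNOWN_HASHES.items())


if __name__ == "__main__":
    for rec in find_c2_connections(CONN_LOG):
        print(f"{rec['ts']} {rec['orig_h']}:{rec['orig_p']} -> "
              f"{rec['resp_h']}:{rec['resp_p']} matches RedLine C2")
    print("placeholder bytes match the sample:", is_known_sample(b"placeholder bytes"))
```

The strict match returns only the two 10.0.0.15 flows to port 65441; the host-only hunt also surfaces the port 80 flow from 10.0.0.22, which is worth a look but is not evidence of this sample on its own.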
Targets
Target: df9830be403604eee36ae55caad7daa2ebc58b9e351d7306efc8bf5e8fb16e32
Size: 296KB
MD5: 0f0af80ab5f8cfb3e88f7cffda98240f
SHA1: 78625c05c055571cea13c82871a3dc7660ca825e
SHA256: df9830be403604eee36ae55caad7daa2ebc58b9e351d7306efc8bf5e8fb16e32
SHA512: 85dbfe7ffa3e909b937f6fb432230467bf2057c1b821789b890b1ca8514c65e7f38457251158095beec0fe2d2c61a79561d8bd6adb70bf4a17260de47764cf4a
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020 and sold as a service. It collects saved browser credentials, cookies and autofill data, cryptocurrency wallet files, and basic host information, and sends them to the C2 configured in the binary.

Signatures
RedLine Payload
Static analysis identified the sample as a RedLine payload and recovered its embedded configuration (see Malware Config above).

Accesses cryptocurrency files/wallets, possible credential harvesting
The sample references wallet and credential storage locations, consistent with RedLine's stealer functionality.

Checks installed software on the system
Looks up Uninstall key entries in the registry (the standard location is HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, with a WOW6432Node equivalent on 64-bit systems) to enumerate software installed on the host. On its own this is benign inventory behaviour; it is flagged here because stealers use the list to profile the victim and to locate applications whose data they target.