General
Target: 9548b66d9c4a78a828d004dbe5a0c9a9bd040ec47080ba0b3e8ea98a2f6dfcc9
Size: 393KB
Sample: 211127-b1gygsbbh9
MD5: d5c34a9589f7b27ee9752de87fcad0fb
SHA1: d054a84da90190f996ad34cfe4a246629b1f0560
SHA256: 9548b66d9c4a78a828d004dbe5a0c9a9bd040ec47080ba0b3e8ea98a2f6dfcc9
SHA512: ed73960d8c09c1285927b0dde5deedbff4d0671ec6d95a855610a1e3072565b2c96029633715f32276dc182322cf02aecbc6ee6fb1b13d138f2360a3374fab9f
Static task: static1
Malware Config
Extracted
Family: redline
Botnet: udptest
C2: 193.56.146.64:65441
Targets
Target: 9548b66d9c4a78a828d004dbe5a0c9a9bd040ec47080ba0b3e8ea98a2f6dfcc9
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up the per-product subkeys under the registry Uninstall key (SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) to enumerate the software installed on the system.
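The "Checks installed software" behaviour above leaves a recognisable trace: one process reading the DisplayName (and similar values) of many different product subkeys under the Uninstall key in quick succession, usually across the HKLM, HKCU and WOW6432Node views, whereas an installer or updater touches only its own subkey. The script below is an added example, not part of the sandbox report or of RedLine itself. It scans a Process Monitor CSV export for that pattern; the column names and operation names are Process Monitor's own, while the rows, process names, PIDs and the threshold of five distinct subkeys are constructed for this illustration and have nothing to do with the analysed sample.

```python
"""
Added example (not from the sandbox report): flag processes that enumerate
installed software through the registry Uninstall keys, the behaviour the
"Checks installed software on the system" signature describes.

Input is a Process Monitor CSV export (File > Save > CSV). The sample rows
below are constructed for this example; the process names and PIDs are
invented and do not come from the analysed sample.
"""
import csv
import io
import re
from collections import defaultdict

# Per-product subkeys live under these Uninstall keys. The HKCU view and the
# WOW6432Node (32-bit) view are included because stealers typically read all
# three, while a single installer or updater usually touches only its own key.
UNINSTALL_SUBKEY_RE = re.compile(
    r"^(?:HKLM|HKCU|HKEY_LOCAL_MACHINE|HKEY_CURRENT_USER)\\"
    r"SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\"
    r"(?P<subkey>[^\\]+)",
    re.IGNORECASE,
)

# Registry read operations as Process Monitor names them; RegCloseKey and
# write operations are deliberately excluded.
READ_OPERATIONS = {"RegOpenKey", "RegQueryValue", "RegQueryKey", "RegEnumKey", "RegEnumValue"}

# Constructed Process Monitor export: sample.exe walks six products across the
# HKLM, WOW6432Node and HKCU views; svchost.exe reads one value of one product;
# explorer.exe reads an unrelated key.
SAMPLE_PROCMON_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:14:02.1001","sample.exe","4120","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Desired Access: Read"
"10:14:02.1002","sample.exe","4120","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000001}\DisplayName","SUCCESS","Type: REG_SZ"
"10:14:02.1003","sample.exe","4120","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000002}\DisplayName","SUCCESS","Type: REG_SZ"
"10:14:02.1004","sample.exe","4120","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000002}\DisplayVersion","SUCCESS","Type: REG_SZ"
"10:14:02.1005","sample.exe","4120","RegQueryValue","HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName","SUCCESS","Type: REG_SZ"
"10:14:02.1006","sample.exe","4120","RegQueryValue","HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Discord\DisplayName","SUCCESS","Type: REG_SZ"
"10:14:02.1007","sample.exe","4120","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000003}\DisplayName","NAME NOT FOUND","Length: 144"
"10:14:02.1008","sample.exe","4120","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 730\DisplayName","SUCCESS","Type: REG_SZ"
"10:14:02.1009","sample.exe","4120","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS",""
"10:14:02.2000","svchost.exe","912","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000001}\InstallDate","SUCCESS","Type: REG_SZ"
"10:14:02.3000","explorer.exe","2240","RegOpenKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced","SUCCESS","Desired Access: Query Value"
'''


def uninstall_subkey(path):
    """Return the product subkey name if `path` is under an Uninstall key, else None."""
    m = UNINSTALL_SUBKEY_RE.match(path)
    return m.group("subkey") if m else None


def find_enumerators(procmon_csv, threshold=5):
    """Return {(process, pid): {subkeys}} for every process that read at least
    `threshold` distinct product subkeys. Subkeys are lower-cased because the
    registry is case-insensitive and tools vary in how they print paths."""
    seen = defaultdict(set)
    for row in csv.DictReader(io.StringIO(procmon_csv)):
        if row["Operation"] not in READ_OPERATIONS:
            continue
        subkey = uninstall_subkey(row["Path"])
        if subkey is not None:
            seen[(row["Process Name"], int(row["PID"]))].add(subkey.lower())
    return {proc: keys for proc, keys in seen.items() if len(keys) >= threshold}


if __name__ == "__main__":
    for (name, pid), keys in find_enumerators(SAMPLE_PROCMON_CSV).items():
        print(f"{name} (PID {pid}) enumerated {len(keys)} installed programs:")
        for key in sorted(keys):
            print("   ", key)
```

On the constructed export only sample.exe crosses the threshold (six distinct products), while svchost.exe, which reads a single value of a single product, and explorer.exe, which never touches an Uninstall key, are not reported. The threshold is the tuning knob: inventory agents and software updaters also walk these keys, so in production this check is best combined with the process's other behaviour (the wallet and browser-profile file reads in the same signature list) rather than used on its own.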