General
Target: 7b619b347abbd68846d6fc44603cb9e8ffecdf85a51157bb08f6a450f7ec525d
Size: 393KB
Sample: 211127-cgzjvsbcf9
MD5: 0a6fa4fad4577d30efa0947589be453a
SHA1: c987588e1985e6ae91f7abdcb377a1a54689366b
SHA256: 7b619b347abbd68846d6fc44603cb9e8ffecdf85a51157bb08f6a450f7ec525d
SHA512: e41728078ffeea56c67fa66f27e3b7c5822b34b0750fc055aa70189410be977845b0665bba43fffbaf7c041e221d439759e3fcf39b6d6b0bd1d84496051b040f
Static task: static1
Malware Config
Extracted: redline
Updbdate
193.56.146.64:65441
Targets
Target: 7b619b347abbd68846d6fc44603cb9e8ffecdf85a51157bb08f6a450f7ec525d
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.