General

Target: 7be97b33d56d986ab2a9145293d403dab7ed147d1c45123231b3d250f1ab37b5
Size: 393KB
Sample: 211127-dejlasgdaj
MD5: 8e1e33b1c00837611351c8586069d1da
SHA1: 3cbe611df49c898957fb0f5aec528efb17a69fc6
SHA256: 7be97b33d56d986ab2a9145293d403dab7ed147d1c45123231b3d250f1ab37b5
SHA512: 12431229e08d6932bba95e2bdc905d4970c9e3a49056fcb1948c1e65226281e134570c8ebbbc8db4833e8ba4f8a14df2a4e7c5fca569e4e7938822c099e456dc
Static task: static1
Malware Config
Extracted
redline
udptest
193.56.146.64:65441
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.