General
Target: 48dbf0a55d629f46de2ffa04564baf87ad965c9ca79222a39782d70dc49e2ff1
Size: 393KB
Sample: 211127-ezhp6sgfgl
MD5: 78460c3a12729bc09a988a6e131de19f
SHA1: ec2168dab88dd2e4083e32c7d9eefe1464d0dee1
SHA256: 48dbf0a55d629f46de2ffa04564baf87ad965c9ca79222a39782d70dc49e2ff1
SHA512: 10f898e7e00ab28b46c3743299e287a68901a6e59df9dd5798cf3449a9eb91070f925ed8af73fc5534941a2e23abb83bf35a8e37775963020801a7b3d75acce5
Static task: static1

Malware Config
Extracted family: redline
Botnet: udptest
C2: 193.56.146.64:65441
Targets
Target: 48dbf0a55d629f46de2ffa04564baf87ad965c9ca79222a39782d70dc49e2ff1
Size: 393KB
MD5: 78460c3a12729bc09a988a6e131de19f
SHA1: ec2168dab88dd2e4083e32c7d9eefe1464d0dee1
SHA256: 48dbf0a55d629f46de2ffa04564baf87ad965c9ca79222a39782d70dc49e2ff1
SHA512: 10f898e7e00ab28b46c3743299e287a68901a6e59df9dd5798cf3449a9eb91070f925ed8af73fc5534941a2e23abb83bf35a8e37775963020801a7b3d75acce5
Signatures
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.