General
Target: ace2dc52f8099e74e5182c1bb0345693650bffd3fab08b48df8a648e25552ceb
Size: 393KB
Sample: 211127-fdhcysbhe9
MD5: 055c3cf588e5d03080a9f1f0addb6f52
SHA1: 9bd1cbd3a9e205266532272fc4359f42a6835e37
SHA256: ace2dc52f8099e74e5182c1bb0345693650bffd3fab08b48df8a648e25552ceb
SHA512: 42639ab5b468c3aa4f52759a4ec584dccc2cb4e5cb353fa6f4036967c0390c7732ca3d238667ed796d613b53abc2442c242ec45c951e764618c95923458c3c4c
Static task: static1
Malware Config (extracted)
redline
udptest
193.56.146.64:65441
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.