General
Target: b0b219f365d2431bd5b14c10797d64db4b309730939b4853cb3e43134f37ab67
Size: 393KB
Sample: 211127-fq9mzaghbk
MD5: aff01a8dde367e9fec3ad6c422877ad1
SHA1: e9d32f2b5fd9b18b9f83b172d82fc4f92c8512b2
SHA256: b0b219f365d2431bd5b14c10797d64db4b309730939b4853cb3e43134f37ab67
SHA512: ea009a037b9f5feb6c8ae7151d7151e75d99d658df0bae5850232eb659fe4bea557414f801fc1f2ee7c511893f7e58971096672358337fd1696ca29d91d2f6b8
Static task: static1
Malware Config
Extracted
Family: redline
C2: 193.56.146.64:65441
Targets
Target: b0b219f365d2431bd5b14c10797d64db4b309730939b4853cb3e43134f37ab67 (393KB; the same file whose hashes are listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
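The two machine-checkable findings in this report, the Uninstall-key enumeration signature and the extracted C2 endpoint, written out as detection logic over a sandbox trace. This is an added example, not part of the report and not RedLine's own code. Only the C2 address 193.56.146.64:65441 is taken from the report; the trace format ("pid operation target"), the process IDs, the product subkeys, the second endpoint 203.0.113.5:443 and the three-product threshold are constructed assumptions for illustration. Reading the Uninstall key is also what installers, uninstallers and software-inventory agents do, so the enumeration check is a weak signal on its own and should be weighted together with the wallet-file access and the C2 contact before calling a verdict.

```python
"""Behaviour checks over a constructed sandbox trace (added example).

Not RedLine's code and not the sandbox's own signature engine. The trace
format and every event below are constructed; only the C2 endpoint
193.56.146.64:65441 comes from the extracted config in the report.
"""
from collections import defaultdict

# Both views of the Uninstall key are read by enumerators on x64 Windows:
# the native hive and the 32-bit redirected WOW6432Node hive, plus per-user
# installs under HKCU. Matching is case-insensitive below.
UNINSTALL_ROOTS = (
    r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
)

# Constructed trace: pid 1337 walks several products' entries and then
# contacts the C2 from the report; pid 4242 reads a single entry (what an
# uninstaller does) and talks to an unrelated documentation-range address.
SAMPLE_TRACE = r"""
1337 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
1337 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
1337 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName
1337 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}
1337 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\DisplayName
1337 RegOpenKey HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++
1337 RegQueryValue HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++\DisplayName
1337 Connect 193.56.146.64:65441
4242 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
4242 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\UninstallString
4242 Connect 203.0.113.5:443
"""


def parse_events(trace):
    """Yield (pid, operation, target) tuples from the constructed trace."""
    for line in trace.strip().splitlines():
        pid, op, target = line.split(" ", 2)
        yield int(pid), op, target


def uninstall_subkey(path):
    """Return the Uninstall subkey (one installed product) that a registry
    path falls under, or None if the path is outside the Uninstall roots.
    Opening the root itself returns None: that alone is not enumeration."""
    upper = path.upper()
    for root in UNINSTALL_ROOTS:
        prefix = root.upper() + "\\"
        if upper.startswith(prefix):
            return path[len(prefix):].split("\\", 1)[0]
    return None


def software_enumeration(trace, min_products=3):
    """Map pid -> sorted list of distinct Uninstall subkeys it touched, for
    processes that touched at least min_products of them. The threshold is
    an assumption: one or two entries is normal for an uninstaller or an
    update check, a sweep across many products is the stealer pattern."""
    touched = defaultdict(set)
    for pid, op, target in parse_events(trace):
        if op.startswith("Reg"):
            sub = uninstall_subkey(target)
            if sub:
                touched[pid].add(sub)
    return {pid: sorted(s) for pid, s in touched.items() if len(s) >= min_products}


def parse_c2(endpoint):
    """Split the report's 'host:port' C2 string into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host, int(port)


def c2_contacts(trace, endpoint):
    """Sorted pids whose Connect events hit the extracted C2 exactly
    (host and port), which is the high-confidence indicator here."""
    host, port = parse_c2(endpoint)
    wanted = f"{host}:{port}"
    return sorted({pid for pid, op, target in parse_events(trace)
                   if op == "Connect" and target == wanted})


if __name__ == "__main__":
    print("software enumeration:", software_enumeration(SAMPLE_TRACE))
    print("C2 contact:", c2_contacts(SAMPLE_TRACE, "193.56.146.64:65441"))
```

Lowering `min_products` to 1 pulls in pid 4242 as well, which is exactly the false-positive class the threshold exists to avoid; tune it against your own baseline of legitimate installer and inventory activity rather than taking the constructed value here.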