General
Target: eef292f978951d84d3aa868812ab80f3f11727a912fa38c942c5f41565cc3b01
Size: 393KB
Sample: 211127-j4s4xscfe5
MD5: eb13ac8b7f85826bc31adbe3343dcb96
SHA1: ce4a475227ff249715489d0d45146dc4aa8e0866
SHA256: eef292f978951d84d3aa868812ab80f3f11727a912fa38c942c5f41565cc3b01
SHA512: bee38829c2522cc2a077c6d715f18d84b377a2e423d49230c50b7c4f2bbb3654a1f67473a3e7a5d5d0efbd0fc7de7e5e548807ade3e5207a5dfa6c5c322e309f
Static task: static1

Malware Config
Extracted: redline
Pubdate: 193.56.146.64:65441
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.