General
Target: 16c17090fa4b44019e2f6d51966f1aeaf8698d2088df8f5ba2d7285da279eacd
Size: 423KB
Sample: 211127-qz13asahfk
MD5: 6e420d3c3cc861df9b77e6ba26a15209
SHA1: 9e4136dbd034f8362e90f624b5205fa9f55d7371
SHA256: 16c17090fa4b44019e2f6d51966f1aeaf8698d2088df8f5ba2d7285da279eacd
SHA512: 327da7fb7a4e84a57c8c56e04ffcfce41a78f333ad6192cf0edf5b1a5ed9cb88885020cc5c8f6dba38487accaf52570570a35de51cac0ec0abaec8d0414ddd85
Static task: static1
Malware Config
Extracted
Family: redline
Botnet: udptest
C2: 193.56.146.64:65441
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.