General
Target: 0e31e2aa2369d4f0b004c98aef8682077df4dc9fd1ff3756d63bfd805266bd90
Size: 425KB
Sample: 211129-cxzjssbbgq
MD5: 6f726f27c9867e7fbf9333bde78aa96b
SHA1: 9c0567a3885c436b29a77e42e71fc9edb1611dec
SHA256: 0e31e2aa2369d4f0b004c98aef8682077df4dc9fd1ff3756d63bfd805266bd90
SHA512: 89f2c2e67b517ee34451175dbf46e0d239ef1e23e68de851709304371d6af21447fa7873e1c57017b079120e1b156605bb1bf2ed25f8c7a51eec81549f9a0479
Static task: static1

Malware Config
Extracted: redline
  bbtt1
  212.193.30.196:13040

Targets
Target: 0e31e2aa2369d4f0b004c98aef8682077df4dc9fd1ff3756d63bfd805266bd90 (hashes and size as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.