General
- Target: 998d65af8483498e6b63d77f85ac38fad6b869c7f9afb5a0a5c5c58017148786
- Size: 396KB
- Sample: 211218-r84p8agbbm
- MD5: 243ff39e2d58e6f5edc1db043031aaf4
- SHA1: a105049a79667a56cae102b629bd30e81f18f15a
- SHA256: 998d65af8483498e6b63d77f85ac38fad6b869c7f9afb5a0a5c5c58017148786
- SHA512: 6806cfeec07f2e16775989a354ab0295e2c40251f633e7fffdcc9c29eb013fee3e9dc0eae2ef136cd3b6fe64c04b708503723c5ede0a6f9fdb393f0c658c8166
Static task
static1
Malware Config
Extracted
redline
170
45.9.20.240:46257
Targets
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.