General
Target: 7578dd3df758e449aa8b9c5aa4fd775a.exe
Size: 401KB
Sample: 211219-e234wsfha7
MD5: 7578dd3df758e449aa8b9c5aa4fd775a
SHA1: d0746e1a353970b5f15bceeb995cfdfe3ef74eb0
SHA256: 16ca0133e25f806a786bac8e87f85db16c5c492ec5435d46ab5816e79008aab1
SHA512: ebf43af43a3ae6dedf1a1a024966e2aa7bc065e0ae236ac7a817a29466212c83542713baa004087b16aff094996641cdf7c8c6a8e3250f444c5318e0d8b5f3e5

Static task: static1
Behavioral task: behavioral1
Sample: 7578dd3df758e449aa8b9c5aa4fd775a.exe
Resource: win7-en-20211208

Malware Config
Extracted
redline
170
45.9.20.240:46257

Targets
Target: 7578dd3df758e449aa8b9c5aa4fd775a.exe
Size: 401KB
MD5: 7578dd3df758e449aa8b9c5aa4fd775a
SHA1: d0746e1a353970b5f15bceeb995cfdfe3ef74eb0
SHA256: 16ca0133e25f806a786bac8e87f85db16c5c492ec5435d46ab5816e79008aab1
SHA512: ebf43af43a3ae6dedf1a1a024966e2aa7bc065e0ae236ac7a817a29466212c83542713baa004087b16aff094996641cdf7c8c6a8e3250f444c5318e0d8b5f3e5

Signatures
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.