General
Target: 2e556ee575f3f72f349fa9cad4566bea.exe
Size: 397KB
Sample: 211219-epmw5sggbp
MD5: 2e556ee575f3f72f349fa9cad4566bea
SHA1: 922533ee320c58959b94516a0233405e632d58b0
SHA256: 0312b8b55bcbffb99d4aee533b73fa0a61b87e3dc96c74973c2614bc3bdf3c5b
SHA512: 2f329534ab10bbd285a2ee3e074fc99c59f28eae50a3d746d505bf7bb2b2cb24e0381bc3f61cbc4e4f881e682d226f0cc1e73da0325ac89f67d08fbeb9f93ca9

Static task: static1
Behavioral task: behavioral1
Sample: 2e556ee575f3f72f349fa9cad4566bea.exe
Resource: win7-en-20211208

Malware Config
Extracted: redline
170
45.9.20.240:46257

Targets
Target: 2e556ee575f3f72f349fa9cad4566bea.exe
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.