General
Target: 5d51612368406ee2f2bd4a78c9861e0f.exe
Size: 397KB
Sample: 211219-ewdbaafgh8
MD5: 5d51612368406ee2f2bd4a78c9861e0f
SHA1: 32524da9585a827cc4e42da5b01996fa3f75dd4a
SHA256: 0f58130b7bbfe5ffa1f79ea66fcbb7f3998bd3b7ea53de7f509e36334002986b
SHA512: 5c428ad8bf322deb06ae716841961aa032052eec8789c55c5c13c23cb1defe7f1d10dd27e2a99e926fa604e93d34de479477b48434b552de548742a40a7b48ae
Static task: static1
Behavioral task: behavioral1
Sample: 5d51612368406ee2f2bd4a78c9861e0f.exe
Resource: win7-en-20211208
Malware Config
Extracted
redline
170
45.9.20.240:46257
Targets
Target
5d51612368406ee2f2bd4a78c9861e0f.exe
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.