General
Target: 5301a991920ced5863cf039630f96629.exe
Size: 401KB
Sample: 211219-ewdl2sggcm
MD5: 5301a991920ced5863cf039630f96629
SHA1: cc36c82ac43663e04452c25d26427685318361d7
SHA256: d2b868eda7b504b47b0597cbe29ee4cb63177a0585c56a5c847b53a05ba71eb4
SHA512: a5cf843c63c5ed5f470f898bd7c9b4089b9a79cdb2d5d978751d0329c678881a4ca571355e2b4851ad8e76dd54e6079bef3f64f28d207d1ba14d07f913f36d7e
Static task: static1
Behavioral task: behavioral1
Sample: 5301a991920ced5863cf039630f96629.exe
Resource: win7-en-20211208
Malware Config
Extracted: redline
170
45.9.20.240:46257
Targets
Target: 5301a991920ced5863cf039630f96629.exe (401KB; hashes as listed under General)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.