General
Target: 0a54d424cefdf724d234ebb2e93aa4b083d8e32000b4b8210adf9779e8b625b1
Size: 403KB
Sample: 220124-y4qq5aabdm
MD5: 0eda17f80d962a875fb1829c03e64990
SHA1: ace885204dac34962d621d443ad82e25edcaa8c5
SHA256: 0a54d424cefdf724d234ebb2e93aa4b083d8e32000b4b8210adf9779e8b625b1
SHA512: 801fbc9b971b177068209236b772ea66880f692d4d4d000d2158a283cc58d3551b27e94f9399378e28ad2803d85d224b9384afbd9a2a1fb763fa5e808b213392
Static task: static1
Malware Config
Extracted
Family: redline
Botnet: noname
C2: 45.9.20.112:57175
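The extracted configuration yields one concrete network indicator, the C2 endpoint. The Python below is an added example, not part of the sandbox report: it parses Zeek conn.log records (the excerpt is constructed for illustration; the internal hosts, timestamps and uids are invented, only the C2 host:port comes from the report) and reports every connection whose responder is the configured C2, optionally widening to any port on that host.

```python
"""Match the extracted RedLine C2 against Zeek conn.log records.

Added example, not part of the sandbox report. Only the C2 host:port comes
from the report; the log excerpt below is constructed for illustration.
"""
from dataclasses import dataclass

# Extracted config from the report: RedLine C2 endpoint.
REDLINE_C2 = ("45.9.20.112", 57175)

# Constructed Zeek conn.log excerpt (TSV with a #fields header); not real traffic.
SAMPLE_CONN_LOG = (
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tservice\tconn_state\n"
    "1642980001.120\tCabc1\t10.0.0.25\t49731\t45.9.20.112\t57175\ttcp\t-\tSF\n"
    "1642980002.541\tCabc2\t10.0.0.25\t49732\t142.250.74.46\t443\ttcp\tssl\tSF\n"
    "1642980003.002\tCabc3\t10.0.0.31\t51120\t45.9.20.112\t80\ttcp\thttp\tSF\n"
    "1642980004.770\tCabc4\t10.0.0.40\t51200\t45.9.20.112\t57175\ttcp\t-\tS0\n"
)


@dataclass(frozen=True)
class Hit:
    uid: str
    orig_h: str
    resp_h: str
    resp_p: int
    conn_state: str


def parse_conn_log(text):
    """Yield one dict per record, naming columns from the #fields header line."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
            continue
        if line.startswith("#") or not line.strip():
            continue
        if fields is None:
            raise ValueError("conn.log has no #fields header before data")
        yield dict(zip(fields, line.split("\t")))


def find_c2_connections(text, c2=REDLINE_C2, exact_port=True):
    """Return Hit objects for records whose responder matches the C2.

    exact_port=True matches only the configured port (high confidence).
    exact_port=False also reports other ports on the same host, useful when
    a rebuilt sample rotated the port but kept the IP.
    """
    host, port = c2
    hits = []
    for row in parse_conn_log(text):
        if row["id.resp_h"] != host:
            continue
        resp_p = int(row["id.resp_p"])
        if exact_port and resp_p != port:
            continue
        hits.append(Hit(row["uid"], row["id.orig_h"], row["id.resp_h"], resp_p, row["conn_state"]))
    return hits


def infected_hosts(text, c2=REDLINE_C2):
    """Distinct internal hosts that completed or attempted a connection to the C2."""
    return sorted({h.orig_h for h in find_c2_connections(text, c2)})


if __name__ == "__main__":
    for hit in find_c2_connections(SAMPLE_CONN_LOG):
        print(f"{hit.uid}: {hit.orig_h} -> {hit.resp_h}:{hit.resp_p} ({hit.conn_state})")
    print("hosts talking to C2:", infected_hosts(SAMPLE_CONN_LOG))
```

A half-open attempt (conn_state S0) is still worth reporting: a beacon that was blocked at the perimeter identifies an infected host just as well as a completed session.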
Targets
Target: 0a54d424cefdf724d234ebb2e93aa4b083d8e32000b4b8210adf9779e8b625b1
Size: 403KB
MD5: 0eda17f80d962a875fb1829c03e64990
SHA1: ace885204dac34962d621d443ad82e25edcaa8c5
SHA256: 0a54d424cefdf724d234ebb2e93aa4b083d8e32000b4b8210adf9779e8b625b1
SHA512: 801fbc9b971b177068209236b772ea66880f692d4d4d000d2158a283cc58d3551b27e94f9399378e28ad2803d85d224b9384afbd9a2a1fb763fa5e808b213392
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020.

- RedLine Payload
- Accesses cryptocurrency wallet files; possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate software on the system.
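One way to turn the last signature into host-based detection, added here as an example and not code from the report or from RedLine itself: the Python below reads Process Monitor style registry events (constructed for illustration, not a trace of this sample), counts the distinct Uninstall subkeys each process opened or queried, and flags processes that walk several of them. The threshold and the allowlist of installer processes are assumptions to tune for your environment.

```python
"""Flag processes that enumerate installed software via the registry Uninstall keys.

Added example, not from the sandbox report. Event lines are constructed in the
shape of a Process Monitor CSV export; they are not a capture of this sample.
"""
import csv
import io
import re
from collections import defaultdict

# Uninstall hives a stealer walks to list installed software. Covers HKLM and
# HKCU, and both the native and WOW6432Node (32-bit on 64-bit) views. The
# named group captures the first segment after Uninstall\, i.e. the app entry,
# so value reads such as ...\7-Zip\DisplayName map to the entry "7-Zip".
UNINSTALL_KEY = re.compile(
    r"^HK(?:LM|CU)\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion"
    r"\\Uninstall\\(?P<entry>[^\\]+)",
    re.IGNORECASE,
)
REGISTRY_READ_OPS = {"RegOpenKey", "RegEnumKey", "RegQueryValue", "RegQueryKey"}

# Constructed Process Monitor style events (not a real trace).
SAMPLE_EVENTS = r"""Time of Day,Process Name,PID,Operation,Path,Result
10:01:02.001,sample.exe,4120,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall,SUCCESS
10:01:02.002,sample.exe,4120,RegEnumKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall,SUCCESS
10:01:02.003,sample.exe,4120,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip,SUCCESS
10:01:02.004,sample.exe,4120,RegQueryValue,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName,SUCCESS
10:01:02.005,sample.exe,4120,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome,SUCCESS
10:01:02.006,sample.exe,4120,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AC0F074E4100},SUCCESS
10:01:02.007,sample.exe,4120,RegOpenKey,HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++,SUCCESS
10:01:02.008,sample.exe,4120,RegQueryValue,HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++\DisplayVersion,SUCCESS
10:01:02.009,sample.exe,4120,RegOpenKey,HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Discord,SUCCESS
10:01:03.100,explorer.exe,1330,RegQueryValue,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\DisplayIcon,SUCCESS
10:01:04.200,msiexec.exe,2208,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1111-A},SUCCESS
10:01:04.201,msiexec.exe,2208,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2222-B},SUCCESS
10:01:04.202,msiexec.exe,2208,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3333-C},SUCCESS
10:01:05.000,sample.exe,4120,RegOpenKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,SUCCESS
"""


def parse_events(text):
    """Parse the CSV export into a list of dicts keyed by column name."""
    return list(csv.DictReader(io.StringIO(text)))


def uninstall_entries_by_process(events):
    """Map (process name, pid) -> set of distinct Uninstall subkeys it read."""
    seen = defaultdict(set)
    for ev in events:
        if ev["Operation"] not in REGISTRY_READ_OPS:
            continue
        m = UNINSTALL_KEY.match(ev["Path"])
        if m:
            seen[(ev["Process Name"], int(ev["PID"]))].add(m.group("entry").lower())
    return seen


def flag_software_enumeration(events, min_entries=3, allowlist=("msiexec.exe", "svchost.exe")):
    """Return sorted (process, pid, entry_count) for processes that walked at least
    min_entries distinct Uninstall subkeys and are not in the installer allowlist.
    min_entries and allowlist are assumed starting points, not vendor defaults."""
    flagged = []
    for (name, pid), entries in uninstall_entries_by_process(events).items():
        if name.lower() in allowlist:
            continue
        if len(entries) >= min_entries:
            flagged.append((name, pid, len(entries)))
    return sorted(flagged)


if __name__ == "__main__":
    for name, pid, count in flag_software_enumeration(parse_events(SAMPLE_EVENTS)):
        print(f"{name} (pid {pid}) enumerated {count} Uninstall entries")
```

Counting distinct subkeys rather than raw events keeps a single legitimate lookup (explorer.exe reading one app's DisplayIcon) below the threshold, while a stealer that walks the whole hive crosses it within a few milliseconds.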