General
Target: 43633799f236be62fcc06fb032bf852afb06998b342bb0ec1872fd895a1fcbd4
Size: 403KB
Sample: 220124-ymf6cshhdl
MD5: b12ad82f338b9214be7dca2e2abdd85c
SHA1: ce750e7e93b64e26af86401121eb6aeb377cb0db
SHA256: 43633799f236be62fcc06fb032bf852afb06998b342bb0ec1872fd895a1fcbd4
SHA512: 45a30361f87ab02bf071d2a0e8839cbc018d8ad9538951ca81747585a316581de72ef373765df4ee2cb998916512c15bfc4d3f3142927061fb077d4779b6ead7
Static task: static1
Malware Config
Extracted
Family: redline
Botnet: noname
C2: 45.9.20.112:57175
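As an added example (not part of the sandbox report or of any RedLine tooling), the Python script below turns the indicators extracted above (the file hashes from the General section and the C2 endpoint) into a matcher and runs it over a few constructed key=value log lines. The log format and field names (`dst`, `dport`, `sha256`, ...) are assumptions, not a real product's schema. A connection to the C2 host on the extracted port is reported as a high-confidence hit; the host on another port is reported as a weaker hit, since the port is the part of the indicator tied to this particular build.

```python
"""IoC matcher for the RedLine sample in this report.

Added example, not code from the sandbox report or from any RedLine tooling.
Hashes and C2 are copied from the report; the log lines are constructed for
the demonstration and their key=value format is an assumption.
"""
import re
from typing import Iterable

# Indicators copied from the report.
IOCS = {
    "md5": "b12ad82f338b9214be7dca2e2abdd85c",
    "sha1": "ce750e7e93b64e26af86401121eb6aeb377cb0db",
    "sha256": "43633799f236be62fcc06fb032bf852afb06998b342bb0ec1872fd895a1fcbd4",
    "c2_host": "45.9.20.112",
    "c2_port": 57175,
}

# Constructed sample log lines (not from any real environment): a connection log
# and a file-hash log, both in an assumed key=value format.
SAMPLE_LOGS = [
    "ts=2022-01-24T10:02:11Z type=conn src=10.0.0.15 dst=45.9.20.112 dport=57175 proto=tcp",
    "ts=2022-01-24T10:02:12Z type=conn src=10.0.0.15 dst=45.9.20.112 dport=443 proto=tcp",
    "ts=2022-01-24T10:01:58Z type=file host=ws15 path=C:\\Users\\u\\AppData\\Local\\Temp\\setup.exe "
    "sha256=43633799f236be62fcc06fb032bf852afb06998b342bb0ec1872fd895a1fcbd4",
    "ts=2022-01-24T10:03:00Z type=file host=ws15 path=C:\\Windows\\System32\\notepad.exe sha256=" + "0" * 64,
    "ts=2022-01-24T10:05:00Z type=conn src=10.0.0.22 dst=8.8.8.8 dport=53 proto=udp",
]

# key=value pairs; values may be double-quoted to allow spaces.
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_kv(line: str) -> dict:
    """Parse one key=value log line into a dict (surrounding quotes stripped)."""
    return {k: v.strip('"') for k, v in KV_RE.findall(line)}


def match_fields(fields: dict) -> list:
    """Return a list of (indicator, confidence) hits for one parsed log line."""
    hits = []
    # File-hash indicators: exact match on whichever hash types the line carries.
    # Compared case-insensitively because tools differ in hex casing.
    for algo in ("md5", "sha1", "sha256"):
        if fields.get(algo, "").lower() == IOCS[algo]:
            hits.append((f"{algo}:{IOCS[algo]}", "high"))
    # Network indicator: host+port is the extracted C2, host alone is weaker
    # (the same address can host other listeners or other campaigns' panels).
    if fields.get("dst") == IOCS["c2_host"]:
        if fields.get("dport") == str(IOCS["c2_port"]):
            hits.append((f"c2:{IOCS['c2_host']}:{IOCS['c2_port']}", "high"))
        else:
            hits.append((f"c2_host:{IOCS['c2_host']}", "medium"))
    return hits


def scan(lines: Iterable[str]) -> list:
    """Scan log lines; return [(line_number, hits)] for every line with a hit."""
    results = []
    for n, line in enumerate(lines, 1):
        hits = match_fields(parse_kv(line))
        if hits:
            results.append((n, hits))
    return results


if __name__ == "__main__":
    for n, hits in scan(SAMPLE_LOGS):
        for indicator, confidence in hits:
            print(f"line {n}: {confidence:6} {indicator}")
```

Only `sha256` appears in the constructed lines, but the matcher also accepts `md5` and `sha1` fields so the same indicator set can be applied to logs that carry a different hash type.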
Targets
Target: 43633799f236be62fcc06fb032bf852afb06998b342bb0ec1872fd895a1fcbd4
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry (Software\Microsoft\Windows\CurrentVersion\Uninstall under HKLM and HKCU, including the WOW6432Node view on 64-bit Windows) to enumerate software on the system. Legitimate inventory and update tooling reads the same keys, so this behaviour is a weak indicator on its own and is reported here alongside the payload signature.