General
-
Target
2cae9b5f244faa9e37a502c99d1ea6ef72f108232b6635f49cc238808c174882
-
Size
457KB
-
Sample
220125-zasjasefc5
-
MD5
4de61085fa7434fd52f800c45deac40e
-
SHA1
cb9affeb7ae489a59b4ba2b6355e7b9cbf6879ac
-
SHA256
2cae9b5f244faa9e37a502c99d1ea6ef72f108232b6635f49cc238808c174882
-
SHA512
2394090a5c289ba302924fc5320507fc6ce329ec7f5ad784f27d3eeef611a652ca4c42b84ff1f594aaea9abdad231940fc71d8471c415527b2afe2f6ad806a9c
Static task
static1
Behavioral task
behavioral1
Sample
2cae9b5f244faa9e37a502c99d1ea6ef72f108232b6635f49cc238808c174882.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
SEWPALPADIN
45.9.20.112:57175
Targets
-
-
Target
2cae9b5f244faa9e37a502c99d1ea6ef72f108232b6635f49cc238808c174882
-
Size
457KB
-
MD5
4de61085fa7434fd52f800c45deac40e
-
SHA1
cb9affeb7ae489a59b4ba2b6355e7b9cbf6879ac
-
SHA256
2cae9b5f244faa9e37a502c99d1ea6ef72f108232b6635f49cc238808c174882
-
SHA512
2394090a5c289ba302924fc5320507fc6ce329ec7f5ad784f27d3eeef611a652ca4c42b84ff1f594aaea9abdad231940fc71d8471c415527b2afe2f6ad806a9c
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-