General
Target: 56453d38f9c815ecab89a08b0ee3f81a8d527a351ca9ca4d8d7434f87d36e5a0
Size: 108KB
Sample: 220220-as31baehg4
MD5: 00ebce36f199dc5197076c464a284ac8
SHA1: f4b97ed60da777cafab359696159fab854224db0
SHA256: 56453d38f9c815ecab89a08b0ee3f81a8d527a351ca9ca4d8d7434f87d36e5a0
SHA512: 7de0a638ab078012069508594db720123be78e76b53a869a055f32dc6932b4314f79ab6e1bdfe4bbc80b996982226a74c5b691df858bf4ab9af1b5c26e8b72b2
Malware Config
Extracted
Family: redline
Botnet: TEST1
C2: 86.107.197.196:63065
auth_value: 27ffc688a5404c680b9ac629d48e2917
Targets
Target: 56453d38f9c815ecab89a08b0ee3f81a8d527a351ca9ca4d8d7434f87d36e5a0
Size: 108KB
MD5: 00ebce36f199dc5197076c464a284ac8
SHA1: f4b97ed60da777cafab359696159fab854224db0
SHA256: 56453d38f9c815ecab89a08b0ee3f81a8d527a351ca9ca4d8d7434f87d36e5a0
SHA512: 7de0a638ab078012069508594db720123be78e76b53a869a055f32dc6932b4314f79ab6e1bdfe4bbc80b996982226a74c5b691df858bf4ab9af1b5c26e8b72b2
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
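The Uninstall-key enumeration named in the last signature, together with the C2 address and sample hash listed above, as an added detection example that runs over host telemetry. This is example code written for this page, not part of the sandbox report and not any vendor's own rule. It assumes a constructed, simplified key=value rendering of Sysmon Event ID 1 (process create), 3 (network connection) and 12 (registry object access); the log lines, process IDs, file paths and the burst threshold are all hypothetical, while the hash, C2 host and port are taken from the report.

```python
"""Added example (not part of the sandbox report): run the report's indicators
over Sysmon-style log lines and flag the processes that match.

The key=value log format is a constructed simplification of Sysmon events and is
an assumption for this example, not real Sysmon output.
"""
import re
from collections import defaultdict
from dataclasses import dataclass

# Indicators taken from the report above.
SAMPLE_SHA256 = "56453d38f9c815ecab89a08b0ee3f81a8d527a351ca9ca4d8d7434f87d36e5a0"
C2_HOST, C2_PORT = "86.107.197.196", "63065"

# "Checks installed software": the stealer walks every entry under the Uninstall
# key, whereas a legitimate installer touches one or two. The burst threshold is
# an assumption to tune per estate, not a value from the report.
UNINSTALL_BURST = 5
UNINSTALL_KEY = re.compile(
    r"\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\",
    re.IGNORECASE,
)

# key=value pairs; values may contain spaces (registry names like "Google Chrome").
KV = re.compile(r"(\w+)=(.*?)(?=\s\w+=|$)")

# Constructed sample telemetry (hypothetical): pid 4120 is the RedLine sample,
# pid 5001 a benign installer that touches one Uninstall entry and talks to a
# documentation-range IP.
SAMPLE_LOG = r"""event=1 pid=4120 image=C:\Users\victim\AppData\Local\Temp\build.exe sha256=56453d38f9c815ecab89a08b0ee3f81a8d527a351ca9ca4d8d7434f87d36e5a0
event=12 pid=4120 target=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
event=12 pid=4120 target=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
event=12 pid=4120 target=HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox
event=12 pid=4120 target=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++
event=12 pid=4120 target=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player
event=3 pid=4120 dst=86.107.197.196 dport=63065
event=1 pid=5001 image=C:\Windows\System32\msiexec.exe sha256=0000000000000000000000000000000000000000000000000000000000000000
event=12 pid=5001 target=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F1A2B3C-0000-0000-0000-000000000000}
event=3 pid=5001 dst=192.0.2.10 dport=443
"""


def parse_line(line: str) -> dict:
    """Turn one constructed log line into a dict of its key=value fields."""
    return dict(KV.findall(line))


@dataclass(frozen=True)
class Finding:
    pid: str
    reason: str


def detect(log_text: str) -> list:
    """Flag processes that match the sample hash, contact the C2, or burst-read
    the Uninstall key. Returns findings in the order they fire."""
    findings = []
    uninstall_hits = defaultdict(int)  # pid -> number of Uninstall entries read
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        ev = parse_line(raw)
        pid, kind = ev.get("pid", "?"), ev.get("event")
        if kind == "1" and ev.get("sha256", "").lower() == SAMPLE_SHA256:
            findings.append(Finding(pid, "image hash matches the RedLine sample"))
        elif kind == "3" and (ev.get("dst"), ev.get("dport")) == (C2_HOST, C2_PORT):
            findings.append(Finding(pid, f"outbound connection to RedLine C2 {C2_HOST}:{C2_PORT}"))
        elif kind == "12" and UNINSTALL_KEY.search(ev.get("target", "")):
            uninstall_hits[pid] += 1
            if uninstall_hits[pid] == UNINSTALL_BURST:  # report once per process
                findings.append(Finding(pid, f"enumerated {UNINSTALL_BURST}+ Uninstall entries (installed-software recon)"))
    return findings


if __name__ == "__main__":
    for f in detect(SAMPLE_LOG):
        print(f"pid {f.pid}: {f.reason}")
```

The hash and C2 matches are exact indicators and will only ever catch this build; the Uninstall burst is the behavioural one and survives a repack, which is why it is counted per process and reported once rather than on every key read. Both the 32-bit and WOW6432Node hives are matched, since a .NET stealer running under WOW64 sees the redirected path.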