General
Target: b49caf872949f71549111d28d0a3abb8567643931b0e8d82eb500711efac308f
Size: 356KB
Sample: 220521-tr1cksabb7
MD5: 387554209a150c0c6b7e21cfcb66d767
SHA1: b68c9aad00c0544bd927865b60751430c607623b
SHA256: b49caf872949f71549111d28d0a3abb8567643931b0e8d82eb500711efac308f
SHA512: 8fb72a22f8485d7b6147e3819cd51dbf9a9c997b5d30ed5d3f7fb27160496149caad6b923882007f56070ce700eb0cc791b6265c6a5cee661dd946d0ba05654d
Static task: static1

Malware Config
Extracted
Family: redline
Botnet: 3
C2: 51.89.204.186:36124
auth_value: 21358de8b6cf817d47956ee1614a9bfc
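The extracted config gives a bare IP:port C2 and the file hashes above identify the dropped binary, which is enough to hunt for both in existing telemetry. The following is an added example, not part of the sandbox report: it turns those indicators into two small detections and runs them over constructed firewall- and EDR-style log lines (the log field layout is an assumption made for this example; the hosts, timestamps and the non-matching digests are made up). Treating auth_value as a build-specific value for clustering rather than as a network indicator is also this example's assumption.

```python
"""Hunt for the RedLine sample from this report in network and endpoint logs.

Added example: indicators are copied from the report above; the log lines
and their field layout are constructed for this demonstration.
"""
import re

# Indicators taken from the report.
C2_IP = "51.89.204.186"
C2_PORT = 36124
SAMPLE_MD5 = "387554209a150c0c6b7e21cfcb66d767"
SAMPLE_SHA1 = "b68c9aad00c0544bd927865b60751430c607623b"
SAMPLE_SHA256 = "b49caf872949f71549111d28d0a3abb8567643931b0e8d82eb500711efac308f"
# Assumed to be build-specific: keep it to cluster related samples, do not
# search network traffic for it.
AUTH_VALUE = "21358de8b6cf817d47956ee1614a9bfc"

# Constructed firewall/proxy records (not real data). The last line hits a
# different host in the same /24 and must NOT be reported.
SAMPLE_NETWORK_LOG = [
    "2022-05-21T08:14:03Z src=10.0.4.21 dst=51.89.204.186 dport=36124 proto=tcp action=allow",
    "2022-05-21T08:14:05Z src=10.0.4.21 dst=142.250.72.14 dport=443 proto=tcp action=allow",
    "2022-05-21T08:15:11Z src=10.0.4.33 dst=51.89.204.186 dport=443 proto=tcp action=allow",
    "2022-05-21T08:16:40Z src=10.0.4.40 dst=51.89.204.1 dport=36124 proto=tcp action=allow",
]

# Constructed EDR process-creation records. The second line carries the
# well-known digests of an empty input as a non-matching placeholder.
SAMPLE_EDR_LOG = [
    "2022-05-21T08:13:58Z host=WS-021 event=process_create "
    "image=C:\\Users\\a\\AppData\\Local\\Temp\\setup.exe "
    "md5=387554209a150c0c6b7e21cfcb66d767 "
    "sha256=B49CAF872949F71549111D28D0A3ABB8567643931B0E8D82EB500711EFAC308F",
    "2022-05-21T08:20:10Z host=WS-033 event=process_create "
    "image=C:\\Windows\\System32\\notepad.exe "
    "md5=d41d8cd98f00b204e9800998ecf8427e "
    "sha256=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
]

NET_RE = re.compile(r"\bsrc=(\S+)\s+dst=(\S+)\s+dport=(\d+)")
HASH_RE = re.compile(r"\b(md5|sha1|sha256)=([0-9a-fA-F]+)")
HOST_RE = re.compile(r"\bhost=(\S+)")


def find_c2_traffic(lines):
    """Return (src, confidence) for each line whose destination is the C2 host.

    An exact ip:port match is high confidence; the same ip on another port is
    still reported (medium) because the panel host may expose other listeners.
    Other hosts in the same network are deliberately not matched.
    """
    hits = []
    for line in lines:
        m = NET_RE.search(line)
        if not m:
            continue
        src, dst, dport = m.group(1), m.group(2), int(m.group(3))
        if dst != C2_IP:
            continue
        hits.append((src, "high" if dport == C2_PORT else "medium"))
    return hits


def find_sample_executions(lines):
    """Return hostnames whose process-creation record carries any of the sample's hashes.

    Digest comparison is case-insensitive because EDR products differ in casing.
    """
    known = {"md5": SAMPLE_MD5, "sha1": SAMPLE_SHA1, "sha256": SAMPLE_SHA256}
    hosts = []
    for line in lines:
        for algo, digest in HASH_RE.findall(line):
            if known[algo] == digest.lower():
                host = HOST_RE.search(line)
                hosts.append(host.group(1) if host else "unknown")
                break  # one hit per record is enough
    return hosts


if __name__ == "__main__":
    for src, confidence in find_c2_traffic(SAMPLE_NETWORK_LOG):
        print(f"C2 contact from {src} ({confidence} confidence)")
    for host in find_sample_executions(SAMPLE_EDR_LOG):
        print(f"sample executed on {host}")
```

Run it as a script to see the matches; to use it against real data, replace the two constructed lists with lines read from the actual log source and adjust the regular expressions to its field names. Blocking 51.89.204.186:36124 at the perimeter is the quick containment step; the hash match tells you which hosts need the credential-theft follow-up implied by the signatures below.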
Targets
Target: b49caf872949f71549111d28d0a3abb8567643931b0e8d82eb500711efac308f
Size: 356KB
MD5: 387554209a150c0c6b7e21cfcb66d767
SHA1: b68c9aad00c0544bd927865b60751430c607623b
SHA256: b49caf872949f71549111d28d0a3abb8567643931b0e8d82eb500711efac308f
SHA512: 8fb72a22f8485d7b6147e3819cd51dbf9a9c997b5d30ed5d3f7fb27160496149caad6b923882007f56070ce700eb0cc791b6265c6a5cee661dd946d0ba05654d
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system. The Uninstall keys live under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (with a WOW6432Node counterpart for 32-bit software on 64-bit Windows) and HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall; reading them is a reconnaissance step, so this signature on its own is weak and should be weighed together with the wallet and credential access above.