General
Target: c9e459115656ff9b4b028936f6c8d7ef9d8ac19bf1a14c6796f5461352ca2066
Size: 390KB
Sample: 220524-dq81bsdga5
MD5: f68beac5130749d135ef367fa1b1360d
SHA1: 3eae25b49309130f9058ad0ec3d7c589a8db8eb0
SHA256: c9e459115656ff9b4b028936f6c8d7ef9d8ac19bf1a14c6796f5461352ca2066
SHA512: 95bd94aa6ac010bc4989444500d170e5c7f262638547fe5b959daa9107cb290d07268c77be63803f855d4b041ab7b29e3c2d54628835fd1f07980ee4a961bcb7
Static task: static1
Malware Config
Extracted: redline
Family: redline
C2: 193.106.191.225:15304
auth_value: 7357e43942d666e37ce6cba9e0dcacd9
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.