General
Target: D4E46DED5BCA4A7086100E2296E9F434D357AF08CC515.exe
Size: 3.5MB
Sample: 220806-mghw8adfcl
MD5: 9ce5f14b8594d39723d696d393ed5cd5
SHA1: 920a12bb0dce60d81d9b149a5d8fb8e7893ffd56
SHA256: d4e46ded5bca4a7086100e2296e9f434d357af08cc5153091834f0b6969133f6
SHA512: b0652648aa7b94764be0f27a4941680c6a7ba12b367713e2aac149be1ccd572ecaf1deca6d637e23f4995c04b636d240445f849bbc7bae7ffd6b3b441e7b1be6
Behavioral task
behavioral1
Sample: D4E46DED5BCA4A7086100E2296E9F434D357AF08CC515.exe
Resource: win7-20220718-en
Malware Config
Extracted
redline
3
95.217.188.140:33503
auth_value: a34cc5e78c548506cf8a16e5ac230fff
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.