General
Target: 96062d8acceacfd16b85960764411640718d9bc7b56cabd43cf664d07744368a
Size: 137KB
Sample: 221124-xx8spade48
MD5: c8fbf7e62159275b2d13849b26341184
SHA1: a1245f045d07a1edf3690b7a2e09b65036342f9a
SHA256: 96062d8acceacfd16b85960764411640718d9bc7b56cabd43cf664d07744368a
SHA512: 81b1c74d56900f034b7076091dbe2102b1a3434524b5c7d92e2310166bf6a059079181532db09a007207688a22e563f05d31081c509530ba122d1a385126c216
SSDEEP: 3072:ZYO/ZMTFxd+Io4TIml+dI+7hX2hWFvydXjAhXSSMb:ZYMZMBxdLoPJBO5VjAh
Behavioral task: behavioral1
Sample: 96062d8acceacfd16b85960764411640718d9bc7b56cabd43cf664d07744368a.exe
Resource: win10v2004-20220901-en
Malware Config
Extracted
Family: redline
Botnet: NewYear2023
C2: 185.106.92.111:2510
auth_value: 99e9bde3b38509ea98c3316cc27e6106
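The extracted config and the file hashes above are the actionable part of this report. The following Python is an added example, not part of the sandbox output or of RedLine itself: it verifies a file on disk against the report's hashes, validates the C2 string, scans connection records for contact with that C2, and emits a Suricata rule for it. The network events are constructed for the example (the host names, paths and the 198.51.100.7 address are made up), and the `find_c2_connections` record format is an assumption, not a real log format.

```python
"""Added example: operationalise the hashes and C2 from the RedLine report."""
import hashlib
import ipaddress

# Values copied from the report.
REPORT_HASHES = {
    "md5": "c8fbf7e62159275b2d13849b26341184",
    "sha1": "a1245f045d07a1edf3690b7a2e09b65036342f9a",
    "sha256": "96062d8acceacfd16b85960764411640718d9bc7b56cabd43cf664d07744368a",
}
EXTRACTED_C2 = "185.106.92.111:2510"
BOTNET = "NewYear2023"

# Constructed connection records (not from the report): one per line,
# tab-separated as  utc_time, image, destination_ip, destination_port.
SAMPLE_NETWORK_EVENTS = (
    "2022-11-24T12:00:01Z\tC:\\Users\\victim\\AppData\\Local\\Temp\\sample.exe\t185.106.92.111\t2510\n"
    "2022-11-24T12:00:02Z\tC:\\Windows\\System32\\svchost.exe\t198.51.100.7\t443\n"
    "2022-11-24T12:00:03Z\tC:\\Users\\victim\\AppData\\Local\\Temp\\sample.exe\t185.106.92.111\t80\n"
)


def parse_c2(value: str) -> tuple[str, int]:
    """Split 'host:port' from the extracted config into (ip, port).

    Raises ValueError if the host is not an IP literal or the port is out
    of range, so a mangled config value cannot silently become a bad rule.
    """
    host, sep, port = value.rpartition(":")
    if not sep:
        raise ValueError(f"no port in C2 value {value!r}")
    ipaddress.ip_address(host)          # ValueError on anything but an IP literal
    port_n = int(port)
    if not 0 < port_n < 65536:
        raise ValueError(f"port out of range in {value!r}")
    return host, port_n


def hash_sample(data: bytes) -> dict[str, str]:
    """Compute the same digests the report lists, for a file's bytes."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def matches_report(data: bytes) -> bool:
    """True only if every listed digest matches, so a single-hash collision
    or a typo in one field is not enough to confuse the comparison."""
    return hash_sample(data) == REPORT_HASHES


def find_c2_connections(log_text: str, c2: str = EXTRACTED_C2) -> list[dict]:
    """Return the records that connect to the C2's exact IP and port.

    Port matters: the third constructed record goes to the same IP on
    port 80 and is deliberately not reported as a C2 hit.
    """
    host, port = parse_c2(c2)
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, image, dst_ip, dst_port = line.split("\t")
        if dst_ip == host and int(dst_port) == port:
            hits.append({"time": ts, "image": image, "dst": f"{dst_ip}:{dst_port}"})
    return hits


def suricata_rule(c2: str, sid: int) -> str:
    """Emit a Suricata rule for outbound traffic to the C2 endpoint."""
    host, port = parse_c2(c2)
    return (
        f"alert tcp $HOME_NET any -> {host} {port} "
        f'(msg:"RedLine C2 contact, botnet {BOTNET}"; flow:to_server; '
        f"sid:{sid}; rev:1;)"
    )


if __name__ == "__main__":
    for hit in find_c2_connections(SAMPLE_NETWORK_EVENTS):
        print("C2 hit:", hit)
    print(suricata_rule(EXTRACTED_C2, 1000001))
```

To check a quarantined file, read it as bytes and pass them to `matches_report`; the SHA256 alone is normally sufficient, but comparing all three costs nothing and catches a mis-pasted field. The rule matches on the socket pair only; it says nothing about the RedLine protocol itself, so pair it with the hash match or the process path before treating a single connection as confirmed infection.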
Targets
Target: 96062d8acceacfd16b85960764411640718d9bc7b56cabd43cf664d07744368a (size and hashes identical to the General section above)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
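The software-inventory behaviour flagged above is a sweep of the per-product subkeys under the Uninstall registry key (the native view, the WOW6432Node view, and the per-user HKCU copy). The Python below is an added example, not part of the report: a triage heuristic that flags a process which reads an unusually broad set of those subkeys. The registry-access records are constructed for the example and the `pid|image|operation|key` format is an assumption; real telemetry would come from an EDR or the kernel registry ETW provider.

```python
"""Added example: flag processes enumerating Uninstall subkeys."""
import re
from collections import defaultdict

# One product subkey directly under any of the Uninstall key locations.
UNINSTALL_SUBKEY = re.compile(
    r"^HK(?:LM|CU)\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows"
    r"\\CurrentVersion\\Uninstall\\([^\\]+)$",
    re.IGNORECASE,
)

# Constructed registry-access records (not from the report):
# pid|image|operation|key, one per line.
SAMPLE_REGISTRY_EVENTS = (
    "4120|C:\\Users\\victim\\AppData\\Local\\Temp\\sample.exe|QueryValue|"
    "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip\n"
    "4120|C:\\Users\\victim\\AppData\\Local\\Temp\\sample.exe|QueryValue|"
    "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Google Chrome\n"
    "4120|C:\\Users\\victim\\AppData\\Local\\Temp\\sample.exe|QueryValue|"
    "HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Notepad++\n"
    "4120|C:\\Users\\victim\\AppData\\Local\\Temp\\sample.exe|QueryValue|"
    "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Discord\n"
    "812|C:\\Windows\\System32\\svchost.exe|QueryValue|"
    "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip\n"
    "812|C:\\Windows\\System32\\svchost.exe|QueryValue|"
    "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\n"
)


def uninstall_subkeys_by_process(log_text: str) -> dict[tuple[int, str], set[str]]:
    """Map (pid, image) to the distinct Uninstall product subkeys it touched."""
    seen: dict[tuple[int, str], set[str]] = defaultdict(set)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        pid, image, _operation, key = line.split("|", 3)
        match = UNINSTALL_SUBKEY.match(key)
        if match:
            seen[(int(pid), image)].add(match.group(1))
    return seen


def enumerating_processes(log_text: str, min_subkeys: int = 3) -> dict[int, list[str]]:
    """Return {pid: sorted subkeys} for processes that read at least
    min_subkeys distinct product entries.  A single lookup of one product
    is normal (installers, updaters); a sweep across many is the pattern
    the report's signature describes.
    """
    return {
        pid: sorted(keys)
        for (pid, _image), keys in uninstall_subkeys_by_process(log_text).items()
        if len(keys) >= min_subkeys
    }


if __name__ == "__main__":
    for pid, keys in enumerating_processes(SAMPLE_REGISTRY_EVENTS).items():
        print(f"pid {pid} enumerated {len(keys)} Uninstall entries: {keys}")
```

Two caveats before turning this into an alert. Sysmon does not record registry reads (its registry events cover key create/delete, value set and rename), so the input has to come from an EDR or from the Microsoft-Windows-Kernel-Registry ETW provider. And legitimate inventory agents sweep exactly these keys, so the threshold is a triage aid that should be combined with the process path, parent and the network indicators from the extracted config rather than used on its own.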