General
Target: 73f1b7f653f05110c003b7d423d5cfc2ad59d17ccba7ce61d073256872171cc5
Size: 462KB
Sample: 221203-rwzkqsch4v
MD5: c9ccafba17de0124817a707b88ef0683
SHA1: 56fefc5d10dda3668df9df0b588f8c504c6393aa
SHA256: 73f1b7f653f05110c003b7d423d5cfc2ad59d17ccba7ce61d073256872171cc5
SHA512: d5502e369f07c6a2e91a6adc6f2ace4fd979b321c1399eb2f9633c2ca5fa9d28a9b6b51c0b7029218c70cecf1267aa0fa43c3ec3b5f3fcd781b17854d73086c1
SSDEEP: 12288:iooDKAGZ6nnnogHgUS9iWqpw8sEQD3nMW3WHrY:ibDKAGZ6nnnoB9iWiwFEC86C
Static task: static1
Behavioral task: behavioral1
Sample: 73f1b7f653f05110c003b7d423d5cfc2ad59d17ccba7ce61d073256872171cc5.exe
Resource: win10-20220812-en
Malware Config
Extracted: redline
NewDef2023
185.106.92.214:2510
auth_value: 048f34b18865578890538db10b2e9edf
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.