General
-
Target
7e13b960bace017bbe7bd375f8bc4f6b32f6dc325a25494876dd5d90bd395ace
-
Size
330KB
-
Sample
230103-18aa2sda93
-
MD5
3ac6a51b0cba1b5fde2def34f0f34c9e
-
SHA1
8322abc5d56ee0a8b388ca6286ae923ecca3d667
-
SHA256
7e13b960bace017bbe7bd375f8bc4f6b32f6dc325a25494876dd5d90bd395ace
-
SHA512
7df4b50ead6f04e914c6404dbd59ee9ba0d6b64ef54f7636f02309777641b52be01ffb9516722532bb76dc39bc2f3322470bfdde87a73a47a37079a1302633d2
-
SSDEEP
6144:3LhLLHHFrr6v+2xXy/5wiwzaQOpkpjrOR3YNKWw8:3LhfHFrw+yX05BiXOpmr/+
Static task
static1
Behavioral task
behavioral1
Sample
7e13b960bace017bbe7bd375f8bc4f6b32f6dc325a25494876dd5d90bd395ace.exe
Resource
win7-20221111-en
Malware Config
Extracted
redline
sport
31.41.244.98:4063
-
auth_value
82cce55eeb56b322651e98032c09d225
Targets
-
-
Target
7e13b960bace017bbe7bd375f8bc4f6b32f6dc325a25494876dd5d90bd395ace
-
Size
330KB
-
MD5
3ac6a51b0cba1b5fde2def34f0f34c9e
-
SHA1
8322abc5d56ee0a8b388ca6286ae923ecca3d667
-
SHA256
7e13b960bace017bbe7bd375f8bc4f6b32f6dc325a25494876dd5d90bd395ace
-
SHA512
7df4b50ead6f04e914c6404dbd59ee9ba0d6b64ef54f7636f02309777641b52be01ffb9516722532bb76dc39bc2f3322470bfdde87a73a47a37079a1302633d2
-
SSDEEP
6144:3LhLLHHFrr6v+2xXy/5wiwzaQOpkpjrOR3YNKWw8:3LhfHFrw+yX05BiXOpmr/+
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-