General

Target: f3c925c1dbe719936cd19b81e1709159122ea1c81d97f7786f7f305985829b94
Size: 278KB
Sample: 230130-178r8ada69
MD5: 30fce29f112f89c4f25b9803e76e580b
SHA1: c9df7638cf19f685cedc5055bd912040dab1063a
SHA256: f3c925c1dbe719936cd19b81e1709159122ea1c81d97f7786f7f305985829b94
SHA512: 512c84df111eaf2d36a814b3b1eadb25fa4fa8141a43bc37456b76f8b70ea9f8a39c4d306e5118e58e2bfd1f76eabf9092777bcf6a05e003ee4f32ea534c4b61
SSDEEP: 6144:W9L+BIEWad6o5VUFDlDc17Iw235HTgrODsucW1b8Bg:W9UIEW5CViA1y35zgrrW1b8B
Static task: static1
Behavioral task: behavioral1
Sample: f3c925c1dbe719936cd19b81e1709159122ea1c81d97f7786f7f305985829b94.exe
Resource: win7-20221111-en

Malware Config

Extracted:
redline
fredy
62.204.41.170:4132
auth_value: 880249eef9593d49a1a3cddf57c5cb35
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.