General
Target: c87befb155b77369e637bff57c434eef30a09844c49e8782c0d8c95a5952e80c
Size: 410KB
Sample: 230224-fxsm2acd4w
MD5: c549c17f9362fb952017788d6f2d7d02
SHA1: 847cc3a99988b5121750d2cddd8903dcca557175
SHA256: c87befb155b77369e637bff57c434eef30a09844c49e8782c0d8c95a5952e80c
SHA512: abefb610807dec86733c9b07e7d459c7ab0ae914102d52ee5dcd38c4023c21a3190146ce25c1bd8132f230d61c7f0e87cd4e4ff684d0835e07ee731a24a09118
SSDEEP: 6144:9rLFeUluUBiSkJ5gs9QX7hIhL4Mw5fz0UskTxOyC1DeQEeRtlpjERj0RFb1:lxeOxSJO97eOMwRzpTTYH1yteFpjEE
Static task: static1
Behavioral task: behavioral1
Sample: c87befb155b77369e637bff57c434eef30a09844c49e8782c0d8c95a5952e80c.exe
Resource: win7-20230220-en
Malware Config
Extracted
Family: redline
Botnet: Hack
C2: 154.17.165.178:10377
auth_value: 50233687e98ee274b44a32fcc741f9a4
Targets
Target: c87befb155b77369e637bff57c434eef30a09844c49e8782c0d8c95a5952e80c
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.