General
Target: 2cf7c92dbb034760c4993838446612bc62dddb1cfd6beb1bc52d1e19bcf7f8c6
Size: 283KB
Sample: 230320-nsy81sdc82
MD5: 8a6b7fef202bcefde6e805251a2012ff
SHA1: fefda0e1c5154018ddb50398f025ee6310955578
SHA256: 2cf7c92dbb034760c4993838446612bc62dddb1cfd6beb1bc52d1e19bcf7f8c6
SHA512: 70263c142ee509d5057b9644529304b2fc4c1c95b5c6cc69d38698872cda6c18b10130c85cd05938eb821caf00640f07e5bda63723993e4440d45e32e6a47e87
SSDEEP: 6144:vO0GPsKLLsatXz6+oAPta+1SQW438dhHW8:m0G1ntXW+oAFd1Sz4MfHW8
Static task
static1
Malware Config
Extracted
redline
fronx2
fronxtracking.com:80
auth_value: 0a4100df2644a6a6582137d2da2c8bd1
Targets
Target: 2cf7c92dbb034760c4993838446612bc62dddb1cfd6beb1bc52d1e19bcf7f8c6
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.