General
Target: 12dc6f5ac9ca2d28ebf75778155f704f33cdff13dc05c462bc7a1ee44d71f2c1
Size: 283KB
Sample: 230320-qelrwadf52
MD5: 5daecaa4d170371d9688f8551346df5e
SHA1: 2d2374b12c97632ddfe5130ac07c471d3e998b39
SHA256: 12dc6f5ac9ca2d28ebf75778155f704f33cdff13dc05c462bc7a1ee44d71f2c1
SHA512: 95d5991d6abe5b201c6c6c1fa733823a5f6437fc68646904dd1d59f4883c37be42e3d2e3d7c530a0fbbd53fe273148bef800f8eef853e25062332f9a47dbc03e
SSDEEP: 6144:QJHzJ9V9+R5q7pVfBl9w6tUZGjEygUY6WJ:WHzhIkVpl9wwAeETLJ
Static task
static1
Malware Config
Extracted
redline
fronx2
fronxtracking.com:80
auth_value: 0a4100df2644a6a6582137d2da2c8bd1
Targets
Target: 12dc6f5ac9ca2d28ebf75778155f704f33cdff13dc05c462bc7a1ee44d71f2c1
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.