General
-
Target
b6211eb5af5f00a338e82afc94c30444d5a546aa63ba2a64ed67a58a930a921e
-
Size
283KB
-
Sample
230320-qyh54afg3y
-
MD5
1279d12e867555b35e2e9972e2b13889
-
SHA1
093fd445576ba8168a1a3d99874b2b977eff8a68
-
SHA256
b6211eb5af5f00a338e82afc94c30444d5a546aa63ba2a64ed67a58a930a921e
-
SHA512
f1080e168be3ff2272f7a3500d284d9696ba7a6e9fc305ce6417160926710dd9327a378820136cea9e6c08595d6766f1eebd3f1171390a04a5b66fd226fcc675
-
SSDEEP
6144:ThEpbcq8kElEnWjVhiq0REQSfdCGm0xnM:NEpFqyWjVd0zS1CGlRM
Static task
static1
Malware Config
Extracted
redline
fronx2
fronxtracking.com:80
-
auth_value
0a4100df2644a6a6582137d2da2c8bd1
Targets
-
-
Target
b6211eb5af5f00a338e82afc94c30444d5a546aa63ba2a64ed67a58a930a921e
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-