General
Target: 657aa26d216681ead7bcc332733d0b841d6b5ca490bc1b821e31f644b0380263
Size: 283KB
Sample: 230320-wsg9hagg7y
MD5: bef7f3450f8ca9f40c26b7752367fbb0
SHA1: 6835ab059f20de8bc94066c9f8e53366618457b7
SHA256: 657aa26d216681ead7bcc332733d0b841d6b5ca490bc1b821e31f644b0380263
SHA512: ad9202ab85e651c03ceb23822d9bf947698c9271d5572761225f9b7b35892459383b1f1ac39abde87d2dc283a4f49ee49b0eb26a8861656bab3be6c3fde31b02
SSDEEP: 3072:sbuW6aMwDRWtgi68sJzxQ5gtpgtMAzGfYs+8taBIZ6uljP/mrSjq/z1XZ:E6T0i6zYNzGfYlhuN/mGjq

Static task: static1

Malware Config
Extracted
redline
fronx2
fronxtracking.com:80
auth_value: 0a4100df2644a6a6582137d2da2c8bd1

Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.