General
Target: 5741fafec3b9a78b20708de638e2fd0f199a12f265a7b618031989b29ced7f8b
Size: 283KB
Sample: 230320-xgy9bagh5x
MD5: 9b511e64f87dc97357b0913ef77bd529
SHA1: b1c6b43c247d4392d7052234b0e39ed4b6891571
SHA256: 5741fafec3b9a78b20708de638e2fd0f199a12f265a7b618031989b29ced7f8b
SHA512: 01d22a1d4a39fc0493bc660bf966ab4d32957599c901d89aa2f696f61682351d80cc3208d5469c2ca216a9a9adb5fbab18bca0c1137c02142a936a3496fcd0f8
SSDEEP: 6144:CuuSdQG0v+j34v8Nzfj8QHNIRlWQMjDRrsEf0f976a:CuuSdQNv+HljilWJB+f
Static task
static1
Malware Config
Extracted
redline
fronx2
fronxtracking.com:80
auth_value: 0a4100df2644a6a6582137d2da2c8bd1
Targets
Target: 5741fafec3b9a78b20708de638e2fd0f199a12f265a7b618031989b29ced7f8b
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.