General
Target: 3e1bcbd4b84f67392408ae505bc9d8d5bc2b040ca17fcd98662066603c0d1827
Size: 283KB
Sample: 230320-xvg7ysgh8y
MD5: 014bc6b6776e468226eaea9178edb2a7
SHA1: 1f21f97358e3eb9adc0bc2e22cfa25128bf17611
SHA256: 3e1bcbd4b84f67392408ae505bc9d8d5bc2b040ca17fcd98662066603c0d1827
SHA512: 6d787e52f1443dfaedd23fdae4864cb12af74b023eac4d1eaeb9f417adff6eeaa1c79e0eca355e99fd1b2108fb68eb8c0778628980a39efc6d0caaba11e26057
SSDEEP: 6144:3x16zatd6aut/0zFccPYOrMOChdUjvNNNIN:3x1uatYaLFDPYOrMrrCTm
Static task
static1
Malware Config
Extracted
redline
fronx2
fronxtracking.com:80
auth_value
0a4100df2644a6a6582137d2da2c8bd1
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.