General
-
Target
7cab64a912605162e4ff56056540d4b0accadd8fa63bfafbc09ad64d14008fbb
-
Size
357KB
-
Sample
230321-l7kcasbf8y
-
MD5
59203e00e8d6461d40d95e21b0403e85
-
SHA1
c68d29d4cb81ed1ac0683928cc9b4e319db1560c
-
SHA256
7cab64a912605162e4ff56056540d4b0accadd8fa63bfafbc09ad64d14008fbb
-
SHA512
ce6f0d01840dadafc3fbbf398b7688c0923d3650f725efecab2fc636c5f01cd29c8dffef648c9a897f9d21fdd045c5057735defd6772c7ce3acd8db0fef0f537
-
SSDEEP
6144:HBq0LOpOZaYlL5OY3JMqyTRE6eKQy/+bd9y5NAFcOrpovZ/8z:HBq0wOZaELQY3JjyCfKx+qcFcO69
Static task
static1
Malware Config
Extracted
redline
fronx2
fronxtracking.com:80
-
auth_value
0a4100df2644a6a6582137d2da2c8bd1
Targets
-
-
Target
7cab64a912605162e4ff56056540d4b0accadd8fa63bfafbc09ad64d14008fbb
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-