General
Target: 8010da5b1180f780c2ed7d0bf2726015280d4246f91b525b87ba757990cf32ec
Size: 416KB
Sample: 230321-p3kztacc91
MD5: 044936ae6f8e1ad8e2269abe9db054ed
SHA1: 7aaca703168dba113af17ea453f84207e745ea79
SHA256: 8010da5b1180f780c2ed7d0bf2726015280d4246f91b525b87ba757990cf32ec
SHA512: 9428cde624c42749ef65f8d3946ccab95b12df9fb1fa8d5941f28c2199535b042fc0aa5e984556dfe67c32146fe69ce9ecdb711364e24d2f2208fe19fae7e936
SSDEEP: 6144:EBGL7VitAI6SZURn4LxqpQUqyVKnc/w+ocXlQekeEve44gFdXFWgO:EBGlitAlrnRGU18H+ocXlTEve50Wg
Static task: static1
Malware Config
Extracted: redline
fronx2
fronxtracking.com:80
auth_value: 0a4100df2644a6a6582137d2da2c8bd1
Targets
Target: 8010da5b1180f780c2ed7d0bf2726015280d4246f91b525b87ba757990cf32ec
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.