General

Target: ecf02867a8370f0728d7a9fa2872a6e4308a55dd725c447af864038dfcb29549
Size: 416KB
Sample: 230321-qlf5zaad55
MD5: 4dae217a97d6830ac8f8e577149b7434
SHA1: 4e8d84c898ee6ce364448d1dec726289c67c3dea
SHA256: ecf02867a8370f0728d7a9fa2872a6e4308a55dd725c447af864038dfcb29549
SHA512: 8221cb3ed3b5c5874c4f427c8edb92e04c258e6c1145c6d070fabaa2a5887fb4dca0d38eb641d3364b79f6feefe3dbbd3220fc08a777fec1f21b4c365023a2d4
SSDEEP: 12288:cBlkithf+iFn3LobyuxHIvcscw68CIw2W:q6itciFbobyuZIvcHwHCIA

Static task: static1
Malware Config

Extracted configuration (family: redline)
Botnet: fronx2
C2: fronxtracking.com:80
auth_value: 0a4100df2644a6a6582137d2da2c8bd1
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Signatures
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.