General
Target: 7ab645eca9f341c210a9f25859ee9b8b0f7b68fd6188268b7ab9d38a339ac440
Size: 416KB
Sample: 230321-srhxvsdf8z
MD5: 27987caf565f12495bf3bc408bc49e76
SHA1: 261acea5d57b5269e96290e86b81b1f4cf95e75d
SHA256: 7ab645eca9f341c210a9f25859ee9b8b0f7b68fd6188268b7ab9d38a339ac440
SHA512: 1cf760bfb03f95b5f1dbf180121f7bc19073bff03de2fd0569be719367ef0c8f14c73012175e88a9d552e0f8888902601e808af23ee24ebcfc85dd8feda098a3
SSDEEP: 6144:XucWLQtHqkYm6CZhcxZeWVYmk3llrgClQOeJWhn:XucWUhqkYNCTsVYP3llrvUWN
Static task: static1
Malware Config
Extracted
redline
fronx2
fronxtracking.com:80
auth_value: 0a4100df2644a6a6582137d2da2c8bd1
Targets
Target: 7ab645eca9f341c210a9f25859ee9b8b0f7b68fd6188268b7ab9d38a339ac440
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.