General

Target: dcfc3aae1c037c19f0410275dc75ab0d516283313c6b8e5377b814631a27ff91
Size: 416KB
Sample: 230321-tmlnmabh44
MD5: 8f478e910727705115216a0027614756
SHA1: 93701ea7c9aef92234fb57414aa4fd198d41c04d
SHA256: dcfc3aae1c037c19f0410275dc75ab0d516283313c6b8e5377b814631a27ff91
SHA512: 916a843cb14104e2bf7de56736ec05c91a746a81a6d28d0c83c039c6c947cd4e1e5f30993bd4dc1698394af389fb9968480490b0cfde66c8fb0fd568c7f6315b
SSDEEP: 6144:XlcULYhvihNKGdlwXw4N3El1lrvfrgJMkmOUn+aeJWLqn:XlcUU5qdlcN3ElDLqs+WLq

Static task: static1
Malware Config (extracted)

Family: redline
Botnet: fronx2
C2: fronxtracking.com:80
auth_value: 0a4100df2644a6a6582137d2da2c8bd1
Targets

Target: dcfc3aae1c037c19f0410275dc75ab0d516283313c6b8e5377b814631a27ff91 (416KB; hashes as listed under General above)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.