General
Target: c7bb4ade255f17ae970dbd3023e26ed727d0cb612417a45b8148a306a436d7b4
Size: 416KB
Sample: 230321-tz9wzsbh92
MD5: c5e139060d3668d8ddb628c9a376290f
SHA1: 265b7ee2603a9deb17a4752e5eb74cfa672699cc
SHA256: c7bb4ade255f17ae970dbd3023e26ed727d0cb612417a45b8148a306a436d7b4
SHA512: 3f4ad0bef3a7b8343b290eaf722de0df04a3771ee53f7cc432e7f28efd3c812ad0719dd6f5c3f41d58b8a7ef0fbff6ac30d3b2dcbd94aedae1b4200ce360b976
SSDEEP: 6144:NXcWLAFaWxJ+pH/tks9p6XxynCrE/KSpMGeJWJQ:NXcWMAW/GH/K2YXxynCMyWW
Static task
static1
Malware Config
Extracted
redline
fronx2
fronxtracking.com:80
-
auth_value
0a4100df2644a6a6582137d2da2c8bd1
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-