General
-
Target
ab36256a56c0084d8dd6d00753c7003fce2c0bf32d0396228479b7fcb60778da
-
Size
493KB
-
Sample
230322-1846esdf8x
-
MD5
731a25a171f092fb4d2aa777bcef8439
-
SHA1
389e8c4fd041874e038a7391c116815d90d890a1
-
SHA256
ab36256a56c0084d8dd6d00753c7003fce2c0bf32d0396228479b7fcb60778da
-
SHA512
bc635eb4e14c10d79b3947a763502d0bcd77e267c4fe2a471e90803143c1aa42a66990ccb2c2e7a5bdfc0d7d9e378371c4ad10da3afe2bfcd19b31adbb3391e2
-
SSDEEP
6144:bxcnr/ng4uOcRVtzfjFwbh8NWczs2oWrjZxJ1:bSnr/noOcRHHCbh8Tzs2oYjZxL
Static task
static1
Malware Config
Extracted
redline
fronx2
fronxtracking.com:80
-
auth_value
0a4100df2644a6a6582137d2da2c8bd1
Targets
-
-
Target
ab36256a56c0084d8dd6d00753c7003fce2c0bf32d0396228479b7fcb60778da
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-