General
Target: 885902a03319939755bd19fb0d1a7f7ee57c3fc359d45d7196fd4e7737806bee
Size: 493KB
Sample: 230322-1jfrjabe54
MD5: e5fa78703cc25a8093dc3adec9388180
SHA1: f8d7093aa168b1c658624603ccef26f9a3f9ffd9
SHA256: 885902a03319939755bd19fb0d1a7f7ee57c3fc359d45d7196fd4e7737806bee
SHA512: dd11c93839b45d899eadd194f223f2195a24642e974d449d2b1c41075d705e312bd07f8a1f05f47dc595fadc1160e4c41da7fa718a7322fe2fd596c21eb25da5
SSDEEP: 6144:nxpQjGy1h3stm9EWBW34ZyUGQnrAHGvKJ8rGqQud/iS1l:nbQjGy12tmpTZ7rAHGo8rukb1l
Static task
static1
Malware Config
Extracted
redline
fronx2
fronxtracking.com:80
auth_value: 0a4100df2644a6a6582137d2da2c8bd1
Targets
-
-
Target
885902a03319939755bd19fb0d1a7f7ee57c3fc359d45d7196fd4e7737806bee
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-