General
Target: 283bc2622855d32c8506b1bb08d735a3bb7de8f1c3363e18a30a9306ca3dd31d
Size: 493KB
Sample: 230322-3g6ahsea6w
MD5: a1179c60fe326b93148d3ba0139b9ef0
SHA1: 11ad5cc3f18c297ec6201aacdeda2a1c5504fb91
SHA256: 283bc2622855d32c8506b1bb08d735a3bb7de8f1c3363e18a30a9306ca3dd31d
SHA512: b4997b110c2fcdda0b8c6c4ea6525a09af0585a408ca85c8396c501a5108431c5d204b48e5a95c89aa36dc70d9b855b5ee8aaa3d791f655a72a7f70a52629bcc
SSDEEP: 6144:/ndP+HVEairyNeHlomF631w1M0T+eWDTGur5up:/ndP+1EaJNeHmmFN9q5yi5e
Static task
static1
Malware Config
Extracted
redline
fronx2
fronxtracking.com:80
auth_value: 0a4100df2644a6a6582137d2da2c8bd1
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.