General
-
Target
e3850988fbcdab1b46f0eab0ccbe045b5458bec59a0319815519b316019d74fa
-
Size
353KB
-
Sample
230323-amr1vscc62
-
MD5
75f614e92203f68db566f7b7ea251977
-
SHA1
4c04cd5744f96f63ceb5220c864a516a547d0ef8
-
SHA256
e3850988fbcdab1b46f0eab0ccbe045b5458bec59a0319815519b316019d74fa
-
SHA512
1c1a590c56034226d0785e73a8a4b3c42cdfc6b40bacb0046c63ca87f09f47f05ff91b2d4de13223b3600d03b12215d06acacf7fc5c0594c41f641b618ca9ef7
-
SSDEEP
6144:o05n5JNVXIZ1oYxZZkL9aA1+G/lJPUedCNFj2B1Ui9aN:F55JNVXK1oYxZmnNJlMNF6T9aN
Static task
static1
Malware Config
Extracted
redline
fronx2
fronxtracking.com:80
-
auth_value
0a4100df2644a6a6582137d2da2c8bd1
Targets
-
-
Target
e3850988fbcdab1b46f0eab0ccbe045b5458bec59a0319815519b316019d74fa
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-