General
-
Target
1617d9ed63d8fdd9c98a4e34a82efdc77d2c9d733e49c97b3306e7ec033cb365
-
Size
354KB
-
Sample
230323-bcpcnaed8t
-
MD5
28ad6fa98b0b82ec6472a969a5b93b34
-
SHA1
8edb9503d58e82fcd48caad42d627f6c3b74eb5d
-
SHA256
1617d9ed63d8fdd9c98a4e34a82efdc77d2c9d733e49c97b3306e7ec033cb365
-
SHA512
53a3ee9d562ddc3987823bd2d73e22728d05023796a1e1d994b1ff492315a215eb17607716a40a19fc6c80eaa8b3dad5e1a98d365eb7180ed09a2d4b6b3cb256
-
SSDEEP
6144:rSP3sNBXiD7BZGhPItpVSfNizSGVJanHjag0o:uP3sNBejGhPIV+cJP/o
Static task
static1
Malware Config
Extracted
redline
fronx2
fronxtracking.com:80
-
auth_value
0a4100df2644a6a6582137d2da2c8bd1
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-