General
Target: ec9dc0888ea3b829e9333ac75b79e703ae90a429093c11764ace78adc92c9834
Size: 354KB
Sample: 230323-d2hyaadc62
MD5: 4ff99e3bf044a492bc0d44c5e8005bd6
SHA1: d836d0ab4da8f6d58427f5dd18236aa2bdddb743
SHA256: ec9dc0888ea3b829e9333ac75b79e703ae90a429093c11764ace78adc92c9834
SHA512: fa4d3fe94f18e30acde63fbd0c8ae11a19621288c4561fa6d9eb0deeeba3f2f83ee13fb489e49b1390c3b1c8a4e43d2cb880d45f93e2f5f793c553dc693771ef
SSDEEP: 6144:d6/bBPPfN+1wMPv9SGEUIUV0WCtuL530rQ:dyBPPfN+1103UIUVZJSQ
Static task
static1
Malware Config
Extracted
redline
fronx2
fronxtracking.com:80
auth_value: 0a4100df2644a6a6582137d2da2c8bd1
Targets
Target: ec9dc0888ea3b829e9333ac75b79e703ae90a429093c11764ace78adc92c9834
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.