General
Target: 087cf93f2ca4dc289ab87c53a88924640f4035fd2c7a005ecc113c363470cbbf
Size: 346KB
Sample: 230328-d69a2aaf41
MD5: fdbb77fada4cc2af9dd0772fd483c229
SHA1: a9fb5c3ff9e0b28de18bc3e256f4df6b36806a83
SHA256: 087cf93f2ca4dc289ab87c53a88924640f4035fd2c7a005ecc113c363470cbbf
SHA512: 06688b11d786091e0055d17a97f3d11bd653442994b75055754e18775b781e0932fa14a4a1c9854d5a828d09d0f6e7e4f7aa24489b881db0020370fdd5f38f74
SSDEEP: 6144:WOyZMoLDQhIeUJAp6lIsilpIjRXtZke3aI/Y:Tjo3QhIcscpAXP3qcY
Static task: static1

Malware Config
Extracted: redline
@Germany
185.11.61.125:22344
auth_value: 9d15d78194367a949e54a07d6ce02c62
Targets
Target: 087cf93f2ca4dc289ab87c53a88924640f4035fd2c7a005ecc113c363470cbbf
Size: 346KB (same sample as listed under General; hashes identical)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.