General
-
Target
9a7af5cb210dfe06be7c033cf7bed013a52ea49ff997d35b68a5a72c5d7323ee
-
Size
375KB
-
Sample
230328-jhk67abd9w
-
MD5
95521116ff6a6ede878ad9fb01d96a47
-
SHA1
a7e82c2d2c0275af63665c5b37f85e715255ebc2
-
SHA256
9a7af5cb210dfe06be7c033cf7bed013a52ea49ff997d35b68a5a72c5d7323ee
-
SHA512
33b8fc4fea84b21d246a0ecd9a2c5917639dd12405237da0849c044b7d26fc97aec54b9706f88e294b781ce1a842727e9ad6f9bf76b1720a26dc6a903e9d4c3f
-
SSDEEP
6144:+D4UMC+/w5oSQG676uYzCs0L0UyldMfXPiJfeATNCCbykbgv:+D4UMCCw5+7jYWvL0UgdCPjAT4Vr
Static task
static1
Malware Config
Extracted
redline
@Germany
185.11.61.125:22344
-
auth_value
9d15d78194367a949e54a07d6ce02c62
Targets
-
-
Target
9a7af5cb210dfe06be7c033cf7bed013a52ea49ff997d35b68a5a72c5d7323ee
-
Size
375KB
-
MD5
95521116ff6a6ede878ad9fb01d96a47
-
SHA1
a7e82c2d2c0275af63665c5b37f85e715255ebc2
-
SHA256
9a7af5cb210dfe06be7c033cf7bed013a52ea49ff997d35b68a5a72c5d7323ee
-
SHA512
33b8fc4fea84b21d246a0ecd9a2c5917639dd12405237da0849c044b7d26fc97aec54b9706f88e294b781ce1a842727e9ad6f9bf76b1720a26dc6a903e9d4c3f
-
SSDEEP
6144:+D4UMC+/w5oSQG676uYzCs0L0UyldMfXPiJfeATNCCbykbgv:+D4UMCCw5+7jYWvL0UgdCPjAT4Vr
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-