General
-
Target
336339cb268d2afa1d28a55bff6962d9a30d3cb40efe16fa599f5ce4b6285555
-
Size
346KB
-
Sample
230328-k9h2ksaa88
-
MD5
912366c7c8cea81ddab4fd20f0e2dea2
-
SHA1
c3a569f3f49fc347c144728cdc99a7a7db19d2ba
-
SHA256
336339cb268d2afa1d28a55bff6962d9a30d3cb40efe16fa599f5ce4b6285555
-
SHA512
fd0d5a5247318db7967d36af503ddc803e63cd00873b3ce4e9ac47f02be0080dd07a383d9b8e9496dc2b6255315ad9ea46d12ff1bb4ad28fb3671ee9629c207e
-
SSDEEP
6144:nOyj44LNAOlKDK7DEp/kHd2XttQm3G6rzcFyHXT1i+bnZPD/+:OB4pAOln7DEpM84qGigOXT1bbZbW
Static task
static1
Malware Config
Extracted
redline
ROBER
138.201.195.134:15564
-
auth_value
de311ede2b43457816afc0d9989c5255
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-