General
Target: c909a3758b0db079fa6316b1421dc50e14f11e06070e6cd5f5d8d5b884053d18.zip
Size: 51KB
Sample: 230328-l448asad27
MD5: ecf0cc30eec5f29b2363457b3d94634e
SHA1: 04dd75cefc55bd13d86975f4847f8862844fe3cf
SHA256: 39590246b22b270484d1216d3f1ccd998395d8b3765f002f404b1c191558eb68
SHA512: 4606cbdf3c0d7228f760ad38cc3deaab6d63c089e31648dd93474212e54832394070e8c98f8e9a11ccbb1d8e2cc1b826dd5dc4393842e4b7edfb5bd0c23010e9
SSDEEP: 1536:lfZlP+MHWztHF9HVO0tvYDG9aiIJSghnuBh:B+MHQFHvtKLvhuBh

Behavioral task
behavioral1
Sample: c909a3758b0db079fa6316b1421dc50e14f11e06070e6cd5f5d8d5b884053d18.exe
Resource: win7-20230220-en

Malware Config
Extracted: redline
from: 176.113.115.145:4125
auth_value: 8633e283485822a4a48f0a41d5397566

Targets
Target: c909a3758b0db079fa6316b1421dc50e14f11e06070e6cd5f5d8d5b884053d18
Size: 175KB
MD5: 1c5a3f9f182fddd087f4a70a69f56e35
SHA1: 4387b5d1037d43b7475b51916bc6b4ade52d44dd
SHA256: c909a3758b0db079fa6316b1421dc50e14f11e06070e6cd5f5d8d5b884053d18
SHA512: 48285e6a721540293c94e2ded3d87226d369a4579af8ad596ee7537f181d20e8af1c3d616f556f41677d2c125f8093ef62c07eafaeee53965a744c8f2a8a443b
SSDEEP: 3072:4xqZWZRanU2n0/Z62eJ5evJ9ih+PxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOm:mqZg/Z6XJIih

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.