General
Target: d8a36156e013601c2737a3212ddbb3c14fa10e49fb1682cd26c07322d56bef37
Size: 376KB
Sample: 230328-lz8pxsac97
MD5: 8f3197b58e1ca4a6691d82d42104146c
SHA1: 545b1ca1d663d4db49aeae934ecd32c78a826a42
SHA256: d8a36156e013601c2737a3212ddbb3c14fa10e49fb1682cd26c07322d56bef37
SHA512: c8b95e8fbce1481edb999032ec18925d3dac21ad93ffabbb7bf9d4b7d66b7c2cd09a97c4b012a52f69cd5fc3d983b927d81a0a2ef4c7e38d3046028db69a2451
SSDEEP: 6144:vjIsjCsTT2784twhs84C+IAhOfGSIL9m7zXhCshastj9jCDAR+vrBp:vjIsjCsf27lt6A4fGDmJkstj9kARE
Static task
static1
Malware Config
Extracted
redline
@chicago
185.11.61.125:22344
auth_value: 21f863e0cbd09d0681058e068d0d1d7f
Targets
Target
d8a36156e013601c2737a3212ddbb3c14fa10e49fb1682cd26c07322d56bef37
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.