General
Target: a5649a67905b0855baca333181bb2e70b839d96b0f276770c902404def56eaf1
Size: 401KB
Sample: 230328-mkghkaad83
MD5: 3ad5634ee5e7e3fdfae85a2f029a1aec
SHA1: 83c116ffe547068c56c7608cb55739e14fd163e7
SHA256: a5649a67905b0855baca333181bb2e70b839d96b0f276770c902404def56eaf1
SHA512: 078da4debc88feebe1f985dd89f7af193716c4dfe810170a57193ee4e03f70aca02a309b7172a4e7b9abb5a1abaead9bcd76bfa88875edb05ca69b3c9f88c30a
SSDEEP: 6144:+EGNRxKSZWBdEZP2sgaKNlw6Ie6NTTltDDTO:+EGT0IWBdlaK7wXXNHzO
Static task
static1
Malware Config
Extracted
redline
@Germany
185.11.61.125:22344
auth_value: 9d15d78194367a949e54a07d6ce02c62
Targets
Target: a5649a67905b0855baca333181bb2e70b839d96b0f276770c902404def56eaf1
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.