General
Target: 5036d980404dc514b1326611d7e4d5a4f406125fec9155ea9ceb2fffc9caf55f
Size: 401KB
Sample: 230328-mnqweaae22
MD5: 2a07aed0138f537bf3740c09e66f56a1
SHA1: fbe5f71545b6605825a3587161da813bfef2142c
SHA256: 5036d980404dc514b1326611d7e4d5a4f406125fec9155ea9ceb2fffc9caf55f
SHA512: 952c01bafd0c3ef2e0740344ae4510b8df9afd74cd85ec9d0a9438d063d0a08c3ef17792da2d919c546e39f8776d0b505813206a553a9d7d6587dd57496c7780
SSDEEP: 6144:QgGNh5AOZWB2eBA3aaCny/LNhyshTslqEaektDDTO:QgG7G0WceBAV//VslNaeUzO

Static task: static1

Malware Config
Extracted: redline
@chicago
185.11.61.125:22344
auth_value: 21f863e0cbd09d0681058e068d0d1d7f
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.