General

Target: 85c59de1c3e694b350a38b115c1dac784bc50bf9522c0c9a8f3a74b1a7e2de02.zip
Size: 612KB
Sample: 230328-mv81kaae49
MD5: a3b2849656de0bd0b9c6a55a4ab0bfa8
SHA1: d9c99100e3b1100636a8c595e3577febaad90bcf
SHA256: 5a57df26e345cb7e985044a7498954035ca64ae0952d19e9c28cf79c5e96d23b
SHA512: b40aa5d45d8e31c218cc6bfe87a92646bb399b1343fe6965bc3818e7797af3850a4c252cfd9483f61af5669eb42adfa5b07806e04c92b46de6b34c02387c33ff
SSDEEP: 12288:wBj0+e4nGPfrI+Pu3S/4XqxvjqmPLl6fVAd+x2:wF0o6rdiPqxvtj3+x2
Behavioral task: behavioral1
Sample: 85c59de1c3e694b350a38b115c1dac784bc50bf9522c0c9a8f3a74b1a7e2de02.exe
Resource: win7-20230220-en

Behavioral task: behavioral2
Sample: 85c59de1c3e694b350a38b115c1dac784bc50bf9522c0c9a8f3a74b1a7e2de02.exe
Resource: win10v2004-20230220-en

Malware Config
Targets

Target: 85c59de1c3e694b350a38b115c1dac784bc50bf9522c0c9a8f3a74b1a7e2de02
Size: 809KB
MD5: 2ca5ea810f8ee199253dc7ffa26cd384
SHA1: e4f1fca8823e1aaea66c3aac025e5de1aacb2968
SHA256: 85c59de1c3e694b350a38b115c1dac784bc50bf9522c0c9a8f3a74b1a7e2de02
SHA512: 898a2d1fb35880ee739e90da3296e50adef1e4be70ecbc15dbc0aad85babf4f93bc3c354afcd45cde2cd8657bf12830c5f166175e8a6ea45ad5b26c67ab8ec13
SSDEEP: 24576:3CHCW4HtzV4/ktaXGnRQUnifb0fT5dZ9nYd+cm6:yHzUtzV4W9bifb0Z
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up entries under the registry Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node view and the HKCU equivalent) to enumerate the software installed on the system.
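The two behaviors flagged above (Uninstall-key enumeration and access to wallet or credential files) can be checked for in a Process Monitor trace of the sample. The script below is an added example and is not part of the sandbox report or its tooling: the log lines are constructed to imitate a Procmon CSV export (with "sample.exe" standing in for the report's <sha256>.exe), the wallet and credential-store paths are an assumed representative list rather than RedLine's own target list, and the entry-count threshold that separates enumeration from an installer touching its own entry is an assumption.

```python
"""Flag Uninstall-key enumeration and wallet / credential-store reads in a
Process Monitor style CSV. Constructed sample data; column layout modelled
on a Procmon CSV export. Wallet/credential paths are an assumed list."""
import csv
import io
import re
from collections import defaultdict

# Installed-software entries live under this key in HKLM (64-bit and the
# WOW6432Node 32-bit view) and HKCU; match it in any hive, case-insensitively.
UNINSTALL_KEY_RE = re.compile(
    r"\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion"
    r"\\Uninstall(?:\\|$)",
    re.IGNORECASE,
)

# Assumed representative wallet / credential-store locations (not exhaustive).
SENSITIVE_PATH_RES = {
    "wallet:exodus": re.compile(r"\\AppData\\Roaming\\Exodus\\", re.I),
    "wallet:electrum": re.compile(r"\\AppData\\Roaming\\Electrum\\wallets\\", re.I),
    "wallet:ethereum-keystore": re.compile(r"\\AppData\\Roaming\\Ethereum\\keystore\\", re.I),
    "wallet:atomic": re.compile(r"\\AppData\\Roaming\\atomic\\", re.I),
    "credential:chromium-login-data": re.compile(r"\\User Data\\[^\\]+\\Login Data$", re.I),
}

# An installer legitimately touches its own entry; reading several distinct
# entries is the enumeration pattern. The threshold is an assumption.
UNINSTALL_MIN_ENTRIES = 3

# Constructed sample events: "sample.exe" plays the analysed binary,
# msiexec.exe and explorer.exe are benign decoys that must not be flagged.
SAMPLE_PROCMON_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1","sample.exe","4120","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Desired Access: Read"
"10:01:02.2","sample.exe","4120","RegEnumKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Index: 0"
"10:01:02.3","sample.exe","4120","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName","SUCCESS","Type: REG_SZ, Data: 7-Zip 22.01"
"10:01:02.4","sample.exe","4120","RegQueryValue","HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0F6E5A2B-1C3D-4E5F-8A9B-0C1D2E3F4A5B}\DisplayName","SUCCESS","Type: REG_SZ, Data: Example App"
"10:01:02.5","sample.exe","4120","RegQueryValue","HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Discord\DisplayName","SUCCESS","Type: REG_SZ, Data: Discord"
"10:01:03.0","sample.exe","4120","CreateFile","C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\seed.seco","SUCCESS","Desired Access: Generic Read"
"10:01:03.1","sample.exe","4120","CreateFile","C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data","SUCCESS","Desired Access: Generic Read"
"10:01:05.0","msiexec.exe","2208","RegSetValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F6E5A2B-1C3D-4E5F-8A9B-0C1D2E3F4A5B}\DisplayName","SUCCESS","Type: REG_SZ, Data: Example App"
"10:01:06.0","explorer.exe","1344","RegQueryValue","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden","SUCCESS","Type: REG_DWORD, Data: 1"
'''


def parse_events(csv_text):
    """Yield (process, pid, operation, path) from a Procmon-style CSV."""
    for row in csv.DictReader(io.StringIO(csv_text)):
        yield row["Process Name"], row["PID"], row["Operation"], row["Path"]


def uninstall_entry(path):
    """Return the product entry (first subkey under Uninstall) that a registry
    path refers to, '' for the Uninstall key itself, or None if unrelated."""
    m = UNINSTALL_KEY_RE.search(path)
    if m is None:
        return None
    return path[m.end():].split("\\", 1)[0]


def analyze(csv_text, min_entries=UNINSTALL_MIN_ENTRIES):
    """Return findings as dicts with process, pid, category and detail."""
    entries = defaultdict(set)     # (proc, pid) -> distinct Uninstall entries touched
    sensitive = defaultdict(dict)  # (proc, pid) -> {label: [paths]}
    for proc, pid, op, path in parse_events(csv_text):
        key = (proc, pid)
        if op.startswith("Reg"):
            entry = uninstall_entry(path)
            if entry:              # skips None (unrelated) and '' (container key)
                entries[key].add(entry)
            continue
        for label, rx in SENSITIVE_PATH_RES.items():
            if rx.search(path):
                sensitive[key].setdefault(label, []).append(path)

    findings = []
    for (proc, pid), seen in entries.items():
        if len(seen) >= min_entries:
            findings.append({"process": proc, "pid": pid,
                             "category": "installed-software enumeration",
                             "detail": sorted(seen)})
    for (proc, pid), hits in sensitive.items():
        for label, paths in hits.items():
            findings.append({"process": proc, "pid": pid,
                             "category": label, "detail": paths})
    return findings


if __name__ == "__main__":
    for f in analyze(SAMPLE_PROCMON_CSV):
        print(f"{f['process']}[{f['pid']}] {f['category']}: {f['detail']}")
```

Run against a real Procmon export (File > Save, CSV, with the default columns) after filtering to the sample's PID; the msiexec.exe row is there to show why the threshold matters, since a single Uninstall entry being written or read is normal installer behavior.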