General
Target: 635f338696b41acaeadbb8b1371009dcd33f0c5089e9587a8634c9fa9408e8dd.zip
Size: 51KB
Sample: 230328-mzj71aae62
MD5: dd9286c2b1f8b4600d5ab8c468bf0e12
SHA1: 58a97d1a00f37e3ecbde8c1ed0b53329673c45d9
SHA256: 40e67e04a61b0ed4f035f3a4aad652f6af42360b1348c8826d48c59faa898801
SHA512: be31ae415da8ccb0fd37f35a41cd296e46f321fc8c99dbef19ccc3cef7ebbc294cbe8caa527105fa027605ebd33d64649e040223ef7c5b991ca86203d7526ce4
SSDEEP: 768:BtG/l++VpIvJGxNH+Uh4/GJWmgUNx7he1s8CN6xorL20A6pf1EdtWTdjDNU:BM/o+yUU/ez7sNxCyLkeAxDNU
Behavioral task: behavioral1
Sample: 635f338696b41acaeadbb8b1371009dcd33f0c5089e9587a8634c9fa9408e8dd.exe
Resource: win7-20230220-en
Malware Config
Extracted
Family: redline
Botnet: dent
C2: 193.233.20.33:4125
auth_value: e795368557f02e28e8aef6bcb279a3b0
Targets
Target: 635f338696b41acaeadbb8b1371009dcd33f0c5089e9587a8634c9fa9408e8dd
Size: 175KB
MD5: eea2f89c390ed5eb2444dbb194fed5dd
SHA1: f66a14925a2ed9575f48ad2294d2662cdaec4713
SHA256: 635f338696b41acaeadbb8b1371009dcd33f0c5089e9587a8634c9fa9408e8dd
SHA512: 4076f85b09f049c9b2bcc02927a6a10c046716e4a9acddf5a17b6958b6638a5fc6fd6b228804f140d9b4c88d9fffca33313b52fb1d9c2d4867842bca9c6002fb
SSDEEP: 3072:s9xqZWBJaHEDgXp5lCe159Eh4bxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuwY:sHqZV7ljEh

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.