General
Target: a741976c0377522b387e9f4a142a581a039144e7ff120585e5ee086b627de56b.zip
Size: 51KB
Sample: 230328-nwdfqaag44
MD5: e7b9f00c390100758f7dd2c9b3005f70
SHA1: 2cfe568ded43090199e3686fba3bbdd53da01d92
SHA256: 3b308722509ac5fa822dd014c77132f56c7e1ab51db0c814d448b6edceb29507
SHA512: e063fe6e450be7407ce43f74ce4e7700376d1dd41bb1d73544a5a5c1a75f66ea08976dd06589ded3783c46f951347d13c42eb2d525efc494ad4bff8f4ece61b3
SSDEEP: 1536:EiR0n/U02lgMWC+Z0L/Jw+hxP2dlGAQV3bxzB20Bw:LW/U0cWCZtwgxOdUTb9B25
Behavioral task
behavioral1
Sample: a741976c0377522b387e9f4a142a581a039144e7ff120585e5ee086b627de56b.exe
Resource: win7-20230220-en
Malware Config
Extracted
Family: redline
Botnet: braza
C2: 193.233.20.32:4125
auth_value: ebe61b54deeef75cf8466416c0857088
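The extracted config above is only useful once it is turned into something a network sensor or a threat-intelligence platform can consume. The following is an added example (not part of the sandbox report and not RedLine tooling): it parses the family / botnet / C2 / attribute lines as listed in the report, rejects blocks whose fields do not have the shape RedLine configs use, and emits a Suricata rule plus plain IOC rows. The Suricata SID and the IOC row format are this example's own choices.

```python
"""Turn the RedLine config extracted by the sandbox into usable indicators.

Added example, not part of the sandbox report or of any RedLine tooling. The
config text is copied from the "Malware Config / Extracted" section above; the
output formats (a Suricata rule and a plain IOC list) and the rule SID are this
example's own choices.
"""
import ipaddress
import re

# Constructed from the report's extracted-config block, one field per line,
# in the order the report lists them: family, botnet, C2, then attributes.
EXTRACTED_CONFIG = """\
redline
braza
193.233.20.32:4125
auth_value
ebe61b54deeef75cf8466416c0857088
"""

HEX32 = re.compile(r"^[0-9a-f]{32}$")
HOSTNAME = re.compile(r"^(?=.{1,253}$)(?!-)[A-Za-z0-9-]{1,63}(?<!-)"
                      r"(\.(?!-)[A-Za-z0-9-]{1,63}(?<!-))*$")


def parse_redline_config(text: str) -> dict:
    """Parse the family / botnet / C2 / attribute lines into a dict.

    Raises ValueError when a field does not have the shape RedLine configs
    use, so a corrupted or mis-extracted block is not turned into an IOC.
    """
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if len(lines) < 3:
        raise ValueError("need family, botnet and C2 lines")
    family, botnet, c2 = lines[:3]
    host, sep, port_s = c2.rpartition(":")
    if not sep or not port_s.isdigit():
        raise ValueError(f"C2 is not host:port: {c2!r}")
    port = int(port_s)
    if not 1 <= port <= 65535:
        raise ValueError(f"C2 port out of range: {port}")
    try:
        ipaddress.ip_address(host)
        is_ip = True
    except ValueError:
        if not HOSTNAME.match(host):
            raise ValueError(f"C2 host is neither IP nor hostname: {host!r}")
        is_ip = False
    cfg = {"family": family, "botnet": botnet,
           "c2_host": host, "c2_port": port, "c2_is_ip": is_ip}
    attrs = lines[3:]  # alternating name / value lines, e.g. auth_value
    if len(attrs) % 2:
        raise ValueError("attribute name without a value")
    for name, value in zip(attrs[::2], attrs[1::2]):
        if name == "auth_value" and not HEX32.match(value):
            raise ValueError(f"auth_value is not 32 hex chars: {value!r}")
        cfg[name] = value
    return cfg


def config_is_plausible(text: str) -> bool:
    """True when the block parses cleanly; gates automated IOC export."""
    try:
        parse_redline_config(text)
        return True
    except ValueError:
        return False


def suricata_rule(cfg: dict, sid: int = 9000001) -> str:
    """Emit one IDS rule for traffic to the C2. The SID is a placeholder."""
    if not cfg["c2_is_ip"]:
        # Suricata address fields take IPs/CIDRs; a hostname C2 needs a dns rule.
        raise ValueError("hostname C2: write a dns.query rule instead")
    return (
        f"alert tcp $HOME_NET any -> {cfg['c2_host']} {cfg['c2_port']} "
        f"(msg:\"{cfg['family']} C2 botnet={cfg['botnet']}\"; "
        f"flow:to_server,established; classtype:trojan-activity; "
        f"sid:{sid}; rev:1;)"
    )


def ioc_lines(cfg: dict) -> list:
    """Plain type,value,context rows for a blocklist or a TI platform import."""
    rows = [("ip" if cfg["c2_is_ip"] else "domain", cfg["c2_host"], "RedLine C2"),
            ("port", str(cfg["c2_port"]), "RedLine C2 port"),
            ("botnet", cfg["botnet"], "RedLine botnet id")]
    if "auth_value" in cfg:
        rows.append(("auth_value", cfg["auth_value"], "RedLine auth_value"))
    return [",".join(r) for r in rows]


if __name__ == "__main__":
    cfg = parse_redline_config(EXTRACTED_CONFIG)
    print(suricata_rule(cfg))
    print("\n".join(ioc_lines(cfg)))
```

The botnet name and auth_value are worth keeping alongside the network indicator: the same C2 host is frequently shared by several RedLine "botnets", and the pair identifies the campaign when the IP is later rotated.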
Targets
Target: a741976c0377522b387e9f4a142a581a039144e7ff120585e5ee086b627de56b
Size: 175KB
MD5: b071806e9ed6fc97a8b51516ee5e6d5d
SHA1: 27b2865afa4c1946f95ff6cd79ba5df0e762acda
SHA256: a741976c0377522b387e9f4a142a581a039144e7ff120585e5ee086b627de56b
SHA512: 18690be6641595b3cfd543cff664a49e92d146386c2a170c7038860f1503f6a9b2b5626e6768aef2bb5e7c859a04b2973c2510f9d7af36d059b69269034704c4
SSDEEP: 3072:ZxqZWjfa8oty3s5vZllel5Fih1vxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOus:LqZC0hMih
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
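The "Checks installed software" signature fires because the sample walks the subkeys of HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (and its WOW6432Node mirror), one per installed product. The same behaviour is detectable outside the sandbox given registry read events. The following is an added example, not part of the sandbox report: it counts distinct Uninstall subkeys touched per process over constructed registry-access records (process image, pid, key path, the shape a sandbox API trace or a Windows object-access audit produces) and flags processes above a threshold. The threshold of five and the allow-list of tools expected to read this key are this example's assumptions.

```python
"""Detect a process enumerating installed software via the Uninstall key.

Added example, not part of the sandbox report. The records below are
constructed registry-access events in the shape a sandbox API trace or a
Windows object-access audit (Security event 4663 with a SACL on the key)
produces; the threshold and the allow-list are this example's assumptions.
"""
from collections import defaultdict
import re

# A subkey directly under ...\CurrentVersion\Uninstall, on either hive, with or
# without the WOW6432Node redirection used for 32-bit software on 64-bit Windows.
UNINSTALL_SUBKEY = re.compile(
    r"^(?:HKLM|HKCU|HKEY_LOCAL_MACHINE|HKEY_CURRENT_USER)\\SOFTWARE\\"
    r"(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)",
    re.IGNORECASE,
)

SAMPLE_IMAGE = "a741976c0377522b387e9f4a142a581a039144e7ff120585e5ee086b627de56b.exe"
UNINSTALL = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
UNINSTALL32 = r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"

# Constructed events: the sample walking the key, plus two benign readers.
SAMPLE_EVENTS = [
    {"pid": 1337, "image": SAMPLE_IMAGE, "key": UNINSTALL},  # parent key: not a product
    {"pid": 1337, "image": SAMPLE_IMAGE, "key": UNINSTALL + r"\7-Zip\DisplayName"},
    {"pid": 1337, "image": SAMPLE_IMAGE, "key": UNINSTALL + r"\7-Zip\DisplayVersion"},
    {"pid": 1337, "image": SAMPLE_IMAGE, "key": UNINSTALL + r"\Google Chrome\DisplayName"},
    {"pid": 1337, "image": SAMPLE_IMAGE,
     "key": UNINSTALL + r"\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\DisplayName"},
    {"pid": 1337, "image": SAMPLE_IMAGE,
     "key": UNINSTALL + r"\Mozilla Firefox 110.0 (x64 en-US)\DisplayName"},
    {"pid": 1337, "image": SAMPLE_IMAGE, "key": UNINSTALL + r"\Notepad++\DisplayName"},
    {"pid": 1337, "image": SAMPLE_IMAGE, "key": UNINSTALL32 + r"\VLC media player\DisplayName"},
    {"pid": 1337, "image": SAMPLE_IMAGE, "key": UNINSTALL32 + r"\Microsoft Edge\DisplayName"},
    {"pid": 2000, "image": "msiexec.exe",
     "key": UNINSTALL + r"\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\InstallLocation"},
    {"pid": 3000, "image": "explorer.exe",
     "key": r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"},
]


def uninstall_subkeys_per_process(events):
    """Map (pid, image) -> set of distinct Uninstall subkeys (products) read."""
    seen = defaultdict(set)
    for ev in events:
        m = UNINSTALL_SUBKEY.match(ev["key"])
        if m:
            seen[(ev["pid"], ev["image"])].add(m.group(1).lower())
    return seen


def detect_software_enumeration(events, threshold=5,
                                allowlist=frozenset({"msiexec.exe", "wmiprvse.exe"})):
    """Alert on processes reading at least `threshold` distinct products.

    The allow-list holds images that legitimately read this key (the installer
    service and WMI's Win32_Product provider); it is an assumption to tune.
    """
    alerts = []
    for (pid, image), subkeys in uninstall_subkeys_per_process(events).items():
        if image.lower() in allowlist or len(subkeys) < threshold:
            continue
        alerts.append({"pid": pid, "image": image, "distinct_subkeys": len(subkeys)})
    return sorted(alerts, key=lambda a: -a["distinct_subkeys"])


if __name__ == "__main__":
    for alert in detect_software_enumeration(SAMPLE_EVENTS):
        print(f"pid {alert['pid']} {alert['image']} read "
              f"{alert['distinct_subkeys']} Uninstall subkeys")
```

Note the data requirement: Sysmon's registry events (12, 13, 14) cover key create/delete, value set and rename, not reads, so this logic needs either a sandbox API trace (RegEnumKeyEx / RegQueryValueEx calls) or object-access auditing with a SACL on the Uninstall key. A product count rather than a raw event count is used so that a process re-reading several values of one product is not mistaken for inventory.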