General
-
Target
3a32e5fed28c5727896f82b57b54e16a113fb5b4054a23504fe100423364fd82.zip
-
Size
51KB
-
Sample
230329-rzgt4aac8v
-
MD5
669e1dae170598d6a87b93d01c1196ec
-
SHA1
9f85398f0649edd901f7a5e71f84411c6d97c58b
-
SHA256
f0a8580962ec37367bcde97b8a4ed3f30891e6922f042f03977195d6131ffc95
-
SHA512
4d95e5b0af2006c24be903c5da67f7e2c799bbe160ec85c8a736e78bb83a2141f85aa6f271705bb8442cf47f236363e7125de084430e941b12ab9159b3637566
-
SSDEEP
1536:VByuzr/ZantEidwbWUxqB7bBtidOVEO5eZsTugrEP:VT8tEidvtBUsic4CPrEP
Behavioral task
behavioral1
Sample
3a32e5fed28c5727896f82b57b54e16a113fb5b4054a23504fe100423364fd82.exe
Resource
win7-20230220-en
Malware Config
Extracted
redline
muse
176.113.115.145:4125
-
auth_value
b91988a63a24940038d9262827a5320c
Targets
-
-
Target
3a32e5fed28c5727896f82b57b54e16a113fb5b4054a23504fe100423364fd82
-
Size
175KB
-
MD5
3b0fb67362fef0df86dc45b26585f424
-
SHA1
cf950efffb9a7cf68abb651fa3dc0767d04a6770
-
SHA256
3a32e5fed28c5727896f82b57b54e16a113fb5b4054a23504fe100423364fd82
-
SHA512
e9b6be338ba2cab606d5947e80126fc5cbd7d0a9aede9a03c3cd37915a719b8e72c4933071dc6104a6dce6ca3ae595dc9f1d642bde01734a0321fe4fc5b3e7d9
-
SSDEEP
3072:VxqZWn7aNQYF8ZueD59IhmHxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuw+caq:fqZuZZIh
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-