General
Target
8488f6ba152bc59bf6dccb5f06296d5cc99da88a8db9232cf86bbadefce664e6
Size
330KB
Sample
230330-mccveacb73
MD5
539c690b04438e87873607e362f11ef1
SHA1
842550beb3ed522ebb4197cff8420ea7f37f83aa
SHA256
8488f6ba152bc59bf6dccb5f06296d5cc99da88a8db9232cf86bbadefce664e6
SHA512
8b22acd4ec640ae1700c84a9e25a4fbbbecd089fde7c575af47345c6edb16bc1e4adbecacfe1f2e71833a2a239cbb42621ae2ffa6f1f7f6bf475d8df8fdc5b74
SSDEEP
6144:9GxLsjBaSnXaPEuxtXane/QitQl+2Yb4pqqI2:SLst/qxxaeoqQ02Lpqq
Static task
static1
Malware Config
Extracted
redline
frtrack
francestracking.com:80
auth_value
f2f94b780071d26409283a3478312faf
Targets
Target
8488f6ba152bc59bf6dccb5f06296d5cc99da88a8db9232cf86bbadefce664e6
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.