General
-
Target
382ce001344edd988831d57e96decc9644aa339cf809fbe463c11102f7025c85
-
Size
329KB
-
Sample
230330-xff2cadh25
-
MD5
277773cbeb9d56c22317e4215709d5b0
-
SHA1
72d83d8c73416f547baacb5c65fbc2fe0c733330
-
SHA256
382ce001344edd988831d57e96decc9644aa339cf809fbe463c11102f7025c85
-
SHA512
f9a7206493ec7e77486ac917d73499b32d89f90085fbc8c1e84c2423c07c45d4e677752a5f8d2dfbcbfda7c7a203860ac1a3136ea6131ba3e55ace317420be55
-
SSDEEP
6144:ncghxjHYJVp8b8jjurG/3itOCZQc98/d9c3h/r7zlVe:3hxbGVHjjz3iwU78/d9cR/rX
Static task
static1
Malware Config
Extracted
redline
frtrack
francestracking.com:80
-
auth_value
f2f94b780071d26409283a3478312faf
Targets
-
-
Target
382ce001344edd988831d57e96decc9644aa339cf809fbe463c11102f7025c85
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-