General
Target: 2ca968e5d89d4b5787ca1a5fa20c93f652b969da3820a4d19de9a7d789f1f9f6
Size: 345KB
Sample: 230331-jtkd2aad3s
MD5: a86824e4a0305212af2e4ebe0e610571
SHA1: fd733e1aa8af1bdf798ff69e727915f8ed6a54e0
SHA256: 2ca968e5d89d4b5787ca1a5fa20c93f652b969da3820a4d19de9a7d789f1f9f6
SHA512: 5bc4ab6833075d9b3e25879eb3ddd566f7bfbe733b11d826cf335273aea705a7b159a10f63520d5ffe48414db78fa5b656e7a96ecfa93f10459e84adf5243371
SSDEEP: 6144:v488Lkxx/fKeTILLM91Co7FmTlpuPgRF95k5d+Cz9OP:GLkL/fKaILgyo7Fm7Nzkd+k9W

Static task: static1

Malware Config
Extracted
redline
frtrack
francestracking.com:80
auth_value: f2f94b780071d26409283a3478312faf

Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.