General
Target: 2b4e0d204ab0895cc2a473f7dbe4d7540390d39d99441a9595c3d70accca9dcc
Size: 345KB
Sample: 230331-lxkv3saf5x
MD5: 1760d21dfceb807cb3888c9756618bad
SHA1: 851dc87ca2525b6935ce9b73c67ac99c2e4273b9
SHA256: 2b4e0d204ab0895cc2a473f7dbe4d7540390d39d99441a9595c3d70accca9dcc
SHA512: 5c40ecd1cfc42d8224013e20e2651ceac37c7162cfd669eb0540fcd218f1b8d1ad7e11c73021d01a464849fe798d9aea570308b071b672f0e8ff84e0c2a47f9b
SSDEEP: 6144:J1kQrcPGWlYM0HhTNdcDyfJ5kZzJl/jBRW6oLJEe:jrcOsjENdcyfJ6hJl/jB46Uz
Static task
static1
Malware Config
Extracted
redline
frtrack
francestracking.com:80
auth_value: f2f94b780071d26409283a3478312faf
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.