General
-
Target
a2e1d1865518de8e9cee12db059a876887fc44f2d3a77cc44a7184bcefe2e2ab
-
Size
314KB
-
Sample
230331-x3asvaeb3x
-
MD5
42dac6b34d7f5956fb0a1c406a01f8c6
-
SHA1
820a6107369008fdfc308dac062cb2b40423f75c
-
SHA256
a2e1d1865518de8e9cee12db059a876887fc44f2d3a77cc44a7184bcefe2e2ab
-
SHA512
4b06bcc049b4c67bbb7b7986606bbf9dbec65d4f654564bdb01bd27ab6bf693cff0c76bcb1da6eb45213e306eee70b62666ba4b00e71e4fe62c2e35a0de35777
-
SSDEEP
6144:Pnf66jtwKLxtknmZxmnTM/75nOpiSB5vtGkBM5zRP:vthnL8nmZ2y74DvtBm
Static task
static1
Malware Config
Extracted
redline
@Germany
185.11.61.125:22344
-
auth_value
9d15d78194367a949e54a07d6ce02c62
Targets
Target
a2e1d1865518de8e9cee12db059a876887fc44f2d3a77cc44a7184bcefe2e2ab
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-