General
-
Target
0bfdaabc223e6c4b4d273163e242e750f9119d938de013c9a148d5b4a2f6786e
-
Size
354KB
-
Sample
230331-y4f7paee2t
-
MD5
b94e6b0a0dfbd9e6fe2d10f7861c723d
-
SHA1
1fdb29bbc0628cc7d9d417f182d4483ef9663618
-
SHA256
0bfdaabc223e6c4b4d273163e242e750f9119d938de013c9a148d5b4a2f6786e
-
SHA512
3b7926d792f5dd8271b71a226f3123f87c72462d97b4c1066f473b097c7239fa67d59c155283a6fa2a715c23243113fb7b860dffa938cbece089898a0a8ea4c4
-
SSDEEP
6144:Zb6OIAkvPXdXnlrO6IKdLsKy5e52GS8SFXfzQM5P:R6OIAkvVXl66IcsveQGO9zz
Static task
static1
Malware Config
Extracted
redline
frtrack
francestracking.com:80
-
auth_value
f2f94b780071d26409283a3478312faf
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-