General
-
Target
0d9d24082c5da1b288c1403da90f6bca9356b941c3f693c9d6620601d08b8a44
-
Size
355KB
-
Sample
230331-y8c1tsee5y
-
MD5
d212fa2770e98c61b3594f54d9342d5d
-
SHA1
c9525afc519cc0a6530fd62648cbbf1c257223ec
-
SHA256
0d9d24082c5da1b288c1403da90f6bca9356b941c3f693c9d6620601d08b8a44
-
SHA512
1b4872724e676b5100d6eb50c86db7bdf2411263f63a7bd2256c82ffe98dbf1d426d2556c2d33465e02122576f3c62876b440db380c626f216c09b0b31175230
-
SSDEEP
6144:XU6GvkN0fQnUdhofHB71AyhaJ3ARYOsG0f8aMfkpt:k6GvkKfQnChofHd1AOaU9sGvk
Static task
static1
Malware Config
Extracted
redline
@Germany
185.11.61.125:22344
-
auth_value
9d15d78194367a949e54a07d6ce02c62
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-