General

Target: c60b04f0979df902f696e6af2685e6f078d022470d696c5659ecb6f2b432854a
Size: 313KB
Sample: 230331-ze43wsdc39
MD5: f65a71036921708d513a93592dd3095c
SHA1: 63d5579b91dd361d62368160dbbbd16204176823
SHA256: c60b04f0979df902f696e6af2685e6f078d022470d696c5659ecb6f2b432854a
SHA512: a685c1166327c1d3b470883e321c52d62ef7053660f493773e8234c46b5df67f281e142c25d60252dbd588a1bb2f2c98e25793dd593027a1e06e46f33d90ae33
SSDEEP: 6144:6oQmY2m7zoxwEOuz0itwET7ABSqY+sqhHo1CmwRzb1yt:hQmYfXEO+04wEoBSqe7wZb
Static task: static1
Malware Config

Extracted (family: redline)
Botnet: @chicago
C2: 185.11.61.125:22344
auth_value: 21f863e0cbd09d0681058e068d0d1d7f
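The extracted configuration gives the indicators a responder actually hunts with: the C2 socket, the botnet tag and the file hashes above. The following script is an added example, not part of the sandbox report or of any tool it references; it matches those indicators against log lines. The log lines themselves are constructed for the demo (a Zeek-style conn.log, an EDR file event, a proxy CONNECT line and a memory-strings line); only the indicator values come from the report.

```python
"""Match the IOCs extracted in this report against log lines.

Added example, not part of the sandbox report. The log lines below are
constructed for the demo; only the indicator values come from the report.
"""
import ipaddress
import re

# Indicators copied from the report (hashes kept lower-case for comparison).
IOCS = {
    "md5": "f65a71036921708d513a93592dd3095c",
    "sha1": "63d5579b91dd361d62368160dbbbd16204176823",
    "sha256": "c60b04f0979df902f696e6af2685e6f078d022470d696c5659ecb6f2b432854a",
    "c2": ("185.11.61.125", 22344),
    "botnet": "@chicago",
}

HASH_KIND_BY_LEN = {32: "md5", 40: "sha1", 64: "sha256"}
# Hex runs of hash length; the \b anchors keep a SHA512 from yielding a
# bogus 64-character prefix match.
HEX_RE = re.compile(r"\b[0-9a-fA-F]{32,64}\b")
# IPv4 followed by ':' or whitespace and a port. The port sits in a lookahead
# so that "orig_h orig_p resp_h resp_p" columns are not consumed pairwise.
IPPORT_RE = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})(?=[:\t ](\d{1,5})\b)")


def match_line(line):
    """Return a list of (indicator_kind, value) hits for one log line."""
    hits = []
    for tok in HEX_RE.findall(line):
        kind = HASH_KIND_BY_LEN.get(len(tok))
        if kind and tok.lower() == IOCS[kind]:
            hits.append((kind, tok.lower()))
    for ip, port in IPPORT_RE.findall(line):
        try:
            ipaddress.ip_address(ip)  # reject 999.1.1.1 and the like
        except ValueError:
            continue
        if (ip, int(port)) == IOCS["c2"]:
            hits.append(("c2", f"{ip}:{port}"))
    if IOCS["botnet"] in line:
        hits.append(("botnet", IOCS["botnet"]))
    return hits


def scan(lines):
    """Return [(line_number, hits)] for every line with at least one hit."""
    out = []
    for n, line in enumerate(lines, start=1):
        hits = match_line(line)
        if hits:
            out.append((n, hits))
    return out


# Constructed sample log lines (not from the report).
SAMPLE_LOGS = [
    # Zeek-style conn.log: ts uid orig_h orig_p resp_h resp_p proto
    "1680252301.114\tCk3Q9a2\t10.10.4.23\t51734\t185.11.61.125\t22344\ttcp",
    "1680252305.220\tCb81xy1\t10.10.4.23\t51735\t151.101.1.69\t443\ttcp",
    # EDR file event; some sensors emit upper-case hashes
    "2023-03-31T09:12:44Z host=WS-0412 event=FileCreate "
    "path=C:\\Users\\j.doe\\AppData\\Local\\Temp\\setup.exe "
    "sha256=C60B04F0979DF902F696E6AF2685E6F078D022470D696C5659ECB6F2B432854A",
    # Proxy log, host:port form
    "2023-03-31 09:13:02 10.10.4.23 CONNECT 185.11.61.125:22344 - 0",
    # Benign file event (SHA256 of an empty file)
    "2023-03-31T09:14:00Z host=WS-0412 event=FileCreate path=C:\\tmp\\empty "
    "sha256=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    # Strings pulled from a process memory dump
    "memdump-strings: @chicago 185.11.61.125:22344",
]

if __name__ == "__main__":
    for n, hits in scan(SAMPLE_LOGS):
        print(n, hits)
```

The port lookahead matters for Zeek-style logs: a naive `ip sep port` pattern would pair the originator address with the originator port, consume both, and then fail to see the responder address that follows. Hash comparison is case-folded because EDR and sandbox sources disagree on hex case.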
Targets

Target: c60b04f0979df902f696e6af2685e6f078d022470d696c5659ecb6f2b432854a
Size: 313KB
Hashes (MD5, SHA1, SHA256, SHA512, SSDEEP): identical to the General section above; this is the same file.
RedLine
RedLine Stealer is an information-stealing malware family written in C# (.NET), first seen in early 2020. It harvests saved browser credentials, cookies and cryptocurrency wallet data and sends them to the C2 address carried in its embedded configuration, which is the configuration extracted above.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its Wow6432Node counterpart and the per-user HKCU equivalent) to enumerate the software installed on the system.