General
Target: 0684a7b0159657c7cf176b0ed958520c11e7158d6ddffff906c2d5a3d305baed
Size: 337KB
Sample: 230401-j22y2sgh34
MD5: c9ae45b117856bce4112b8d06b2d9c9c
SHA1: 044e7a601ff7b59e1ac785f370317bbde295a949
SHA256: 0684a7b0159657c7cf176b0ed958520c11e7158d6ddffff906c2d5a3d305baed
SHA512: a3fd31bff61d42634482cc928423bb739dd846b97e6b2510a60b242f77e9f71583c1e009a28103f5ba8b43b9223d66f23ff9cc069e0a7bff84db31b984d1753a
SSDEEP: 3072:/tsV+T7bs2jt6R8NICZuFkhuV8maouuqXYD7/Dki7Y/PiecSBcGo81cyR15GhYGc:H7oa6yGkTouuW+/4p/BbxRIYGMBfWho
Static task: static1

Malware Config
Extracted
Family: redline
Botnet: @chicago
C2: 185.11.61.125:22344
auth_value: 21f863e0cbd09d0681058e068d0d1d7f
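The extracted configuration above is only useful once it is turned into something a detection pipeline can match. The following script is an added example written for this page (it is not the sandbox's code and not part of RedLine): it copies the C2 endpoint from the config, then scans constructed log lines in two assumed formats, a Zeek conn.log row and a key=value firewall syslog line, reporting exact host:port matches separately from traffic to the same host on a different port. The log lines, the syslog format and the column layout are assumptions made for the demonstration; adapt the parsers to your own telemetry.

```python
"""Turn the RedLine config extracted above into C2 hunting artifacts and run
them over constructed log lines. Added example, not code from the page."""
import re

# Values copied from the extracted config on this page.
REDLINE_CONFIG = {
    "family": "redline",
    "botnet": "@chicago",
    "c2": ["185.11.61.125:22344"],
    "auth_value": "21f863e0cbd09d0681058e068d0d1d7f",
}


def parse_c2(entry):
    """Split a 'host:port' C2 entry into (host, port); rejects malformed ports."""
    host, sep, port = entry.rpartition(":")
    if not sep or not host or not port.isdigit() or not 0 < int(port) < 65536:
        raise ValueError(f"malformed C2 entry: {entry!r}")
    return host, int(port)


def c2_endpoints(config):
    """All (host, port) pairs the sample was configured to contact."""
    return {parse_c2(e) for e in config["c2"]}


# Parser 1: Zeek conn.log (tab separated). The default column order is
# assumed; only the responder host/port columns are used.
def parse_zeek_conn(line):
    if line.startswith("#"):
        return None
    parts = line.rstrip("\n").split("\t")
    if len(parts) < 7:
        return None
    return parts[4], int(parts[5])


# Parser 2: key=value firewall syslog, e.g. "... dst=1.2.3.4 dport=443 ..."
# (assumed format; adjust the regex to your firewall's output).
KV_RE = re.compile(r"\bdst=(?P<host>\S+)\s+dport=(?P<port>\d+)\b")


def parse_kv(line):
    m = KV_RE.search(line)
    return (m["host"], int(m["port"])) if m else None


def find_c2_hits(lines, endpoints):
    """Return {'exact': [...], 'ip_only': [...]} of (line_no, (host, port)).

    'exact' matches host and port from the config; 'ip_only' matches the host
    on another port, worth a look because operators change ports between builds.
    """
    hosts = {h for h, _ in endpoints}
    hits = {"exact": [], "ip_only": []}
    for n, line in enumerate(lines, 1):
        dest = parse_zeek_conn(line) or parse_kv(line)
        if dest is None:
            continue
        if dest in endpoints:
            hits["exact"].append((n, dest))
        elif dest[0] in hosts:
            hits["ip_only"].append((n, dest))
    return hits


# Constructed log lines for the demonstration (not real traffic).
SAMPLE_LOGS = [
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1680340000.1\tCx1\t10.0.0.5\t49812\t185.11.61.125\t22344\ttcp",
    "1680340001.2\tCx2\t10.0.0.5\t49813\t93.184.216.34\t443\ttcp",
    "Apr  1 09:12:01 fw01 kernel: ACCEPT src=10.0.0.7 dst=185.11.61.125 dport=22344 proto=TCP",
    "Apr  1 09:12:05 fw01 kernel: ACCEPT src=10.0.0.7 dst=185.11.61.125 dport=443 proto=TCP",
]

if __name__ == "__main__":
    for kind, found in find_c2_hits(SAMPLE_LOGS, c2_endpoints(REDLINE_CONFIG)).items():
        for line_no, (host, port) in found:
            print(f"{kind:8} line {line_no}: {host}:{port}")
```

The auth_value is carried along because it identifies the build rather than the infrastructure: two samples with different C2 addresses but the same auth_value are worth clustering together, while an IP:port alone may be shared or rotated.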
Targets
Target: 0684a7b0159657c7cf176b0ed958520c11e7158d6ddffff906c2d5a3d305baed
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up the Uninstall key entries in the registry (under SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) to enumerate the software installed on the system.
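To see exactly what that enumeration yields, the following reproduction is added here as an example; it is not RedLine's own code and not from the sandbox report. It walks the three standard Uninstall key locations (64-bit, WOW6432Node and per-user; it is an assumption that a given stealer reads all three) and reduces each entry to the DisplayName and DisplayVersion values, which is the level of detail a software inventory needs. The registry access is isolated in one Windows-only function so the filtering logic can be run and checked anywhere on the constructed entries below.

```python
"""Reproduce the installed-software enumeration described by the signature.
Added example, not RedLine's code. Registry reads are confined to
read_uninstall_keys(); installed_software() is pure and testable offline."""
import sys

# Standard Uninstall key locations (assumption: all three are read so that
# 64-bit, 32-bit and per-user installs are all captured).
UNINSTALL_PATHS = (
    ("HKLM", r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
    ("HKLM", r"SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"),
    ("HKCU", r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
)


def installed_software(entries):
    """Reduce raw Uninstall entries to sorted, de-duplicated inventory lines.

    entries: iterable of (subkey_name, {value_name: data}).
    Subkeys without a DisplayName (updates, orphaned keys) and entries marked
    SystemComponent=1 (hidden from Programs and Features) are skipped.
    """
    seen = set()
    for _name, values in entries:
        display = values.get("DisplayName")
        if not display or values.get("SystemComponent") == 1:
            continue
        version = values.get("DisplayVersion", "")
        seen.add(f"{display} {version}".strip())
    return sorted(seen)


def read_uninstall_keys():
    """Windows only: yield (subkey_name, values) for every Uninstall subkey."""
    import winreg  # only importable on Windows

    hives = {"HKLM": winreg.HKEY_LOCAL_MACHINE, "HKCU": winreg.HKEY_CURRENT_USER}
    for hive_name, path in UNINSTALL_PATHS:
        try:
            root = winreg.OpenKey(hives[hive_name], path)
        except OSError:  # key absent (e.g. no WOW6432Node on 32-bit Windows)
            continue
        with root:
            subkey_count = winreg.QueryInfoKey(root)[0]
            for i in range(subkey_count):
                sub = winreg.EnumKey(root, i)
                try:
                    key = winreg.OpenKey(root, sub)
                except OSError:  # access denied on an individual subkey
                    continue
                with key:
                    values = {}
                    for j in range(winreg.QueryInfoKey(key)[1]):
                        name, data, _type = winreg.EnumValue(key, j)
                        values[name] = data
                    yield sub, values


# Constructed entries standing in for real registry content.
SAMPLE_ENTRIES = [
    ("{11111111-2222-3333-4444-555555555555}",
     {"DisplayName": "Adobe Acrobat Reader", "DisplayVersion": "23.001"}),
    ("KB0000001",
     {"DisplayName": "Security Update (KB0000001)", "DisplayVersion": "1",
      "SystemComponent": 1}),
    ("Google Chrome",
     {"DisplayName": "Google Chrome", "DisplayVersion": "112.0.5615.49"}),
    ("orphan", {"UninstallString": r"C:\leftover\uninst.exe"}),
    ("Google Chrome (second hive)",
     {"DisplayName": "Google Chrome", "DisplayVersion": "112.0.5615.49"}),
]

if __name__ == "__main__":
    source = read_uninstall_keys() if sys.platform == "win32" else SAMPLE_ENTRIES
    for line in installed_software(source):
        print(line)
```

Note for detection: these are registry reads, and Sysmon's registry events (12, 13, 14) only record key creation/deletion, value sets and renames, so this activity leaves no Sysmon trace by itself. Catching it requires read-level telemetry (for example the Microsoft-Windows-Kernel-Registry ETW provider or an EDR that hooks registry queries) correlated with the process, or relying on the network indicators from the extracted config instead.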