General

Target: d3fe011e084dfdb7cde1946373bc5625835239c0d4415ab5871b52764fa48d37
Size: 291KB
Sample: 230403-3ka9jsde3z
MD5: 85fc2c081db9aa9c586b57adfb683d90
SHA1: 51234246fb3dbd18f45fae9ae6a390cd72b911c2
SHA256: d3fe011e084dfdb7cde1946373bc5625835239c0d4415ab5871b52764fa48d37
SHA512: b4378a50b29ffdc3eae8dd0076b6b8596597bf5fd30ba2fed99970a30e2a199f76a0abd1b14ac23dc189c0de72c82ccc24fe5e0aa82e8e19ceb156846747b39d
SSDEEP: 3072:Bdx8uEBIdWXNlI7STZTkAiSrfKGO9Vs/mr9O3iRQRB1KaQVN0JcSfzCOW7bMKf53:BVbd6I2tjLKGKNJdyRTQVyJg/Jw+
Static task: static1

Malware Config

Extracted: redline
  @chicago
  185.11.61.125:22344
  auth_value: 21f863e0cbd09d0681058e068d0d1d7f
Targets

Target: d3fe011e084dfdb7cde1946373bc5625835239c0d4415ab5871b52764fa48d37
Size: 291KB
MD5, SHA1, SHA256, SHA512 and SSDEEP: identical to the values listed under General above (same sample).
RedLine

RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.