General
Target: 06112ee653f05a595f7bdbdd5872e6868e0b04a7b546c34b35c3f41a192f03f8
Size: 291KB
Sample: 230403-zb1w3aag71
MD5: adb28cd25314fdc12381be289659c7c2
SHA1: 76e41067acc39d16675a220393ff5cca266568b2
SHA256: 06112ee653f05a595f7bdbdd5872e6868e0b04a7b546c34b35c3f41a192f03f8
SHA512: aa725bd23e270833196f86aec66df9d98a6559cf409629e7d3bb2b6716309a38a87e523e8803d2314249ce013f3488400b917531aa17ed101bd2b3e90a622b12
SSDEEP: 6144:dgj65uK85+l1rwUX2O/8GXGiB+DnIPe6BY5j:O0uKogKOEGXtSO3ij
Static task: static1

Malware Config (extracted)
Family: redline
Botnet: @chicago
C2: 185.11.61.125:22344
auth_value: 21f863e0cbd09d0681058e068d0d1d7f
Targets
Target: 06112ee653f05a595f7bdbdd5872e6868e0b04a7b546c34b35c3f41a192f03f8
Size: 291KB
MD5: adb28cd25314fdc12381be289659c7c2
SHA1: 76e41067acc39d16675a220393ff5cca266568b2
SHA256: 06112ee653f05a595f7bdbdd5872e6868e0b04a7b546c34b35c3f41a192f03f8
SHA512: aa725bd23e270833196f86aec66df9d98a6559cf409629e7d3bb2b6716309a38a87e523e8803d2314249ce013f3488400b917531aa17ed101bd2b3e90a622b12
SSDEEP: 6144:dgj65uK85+l1rwUX2O/8GXGiB+DnIPe6BY5j:O0uKogKOEGXtSO3ij

Signatures
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software installed on the system.