General
-
Target
de14e6754ccf6491b45a37ed9d2bd19b2b586cefda08b053ecda181b71414ea4
-
Size
343KB
-
Sample
230404-ftj7gseg9x
-
MD5
631715f35ba036fd9db9410da250aca3
-
SHA1
4553f716ce6bf1f0a35eb97ebea6d49db31e2a97
-
SHA256
de14e6754ccf6491b45a37ed9d2bd19b2b586cefda08b053ecda181b71414ea4
-
SHA512
3baba441b0d471971289002a338e8b5c043f08f7150554f17a27d3f69f0c428e13049d7f214ed320dc133824f3601f9f20346494ec12b43f5e61cd79340503b4
-
SSDEEP
6144:NLbSadnhtvyBahrjWL6zyW8uHqjt42hQ6aW:NXSaFhOyrjk6zy3JhQu
Static task
static1
Malware Config
Extracted
redline
@chicago
185.11.61.125:22344
-
auth_value
21f863e0cbd09d0681058e068d0d1d7f
Targets
-
-
Target
de14e6754ccf6491b45a37ed9d2bd19b2b586cefda08b053ecda181b71414ea4
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-