General
Target: f500d44d359e5df508dd9e1a68bc3b572788bcebbb9f805997816c5b92bb7d2f
Size: 343KB
Sample: 230404-hzvlhsde33
MD5: 27c6735fc7dc86635804c913113335bf
SHA1: f07029bbe52d195c1aa22a14b390e9fbb4e0099b
SHA256: f500d44d359e5df508dd9e1a68bc3b572788bcebbb9f805997816c5b92bb7d2f
SHA512: b6465f808bbef6cb8c423b821e70ea646160e91e22ab8e939243315a214fc5efb751010199990e7168bfca2ebbc32611c9a5197fc98eeb0f7f307055f04a2e3c
SSDEEP: 6144:+5LOHr9sxsz4xWoq4X81jfsP7syWG09ot7MMGIwjG3W/saW:+xOL+xu4xdq4M1Y4nGoot7YZG3W/c
Static task: static1

Malware Config
Extracted: redline
@chicago
185.11.61.125:22344
auth_value: 21f863e0cbd09d0681058e068d0d1d7f
Targets
Target: f500d44d359e5df508dd9e1a68bc3b572788bcebbb9f805997816c5b92bb7d2f
Size: 343KB
MD5: 27c6735fc7dc86635804c913113335bf
SHA1: f07029bbe52d195c1aa22a14b390e9fbb4e0099b
SHA256: f500d44d359e5df508dd9e1a68bc3b572788bcebbb9f805997816c5b92bb7d2f
SHA512: b6465f808bbef6cb8c423b821e70ea646160e91e22ab8e939243315a214fc5efb751010199990e7168bfca2ebbc32611c9a5197fc98eeb0f7f307055f04a2e3c
SSDEEP: 6144:+5LOHr9sxsz4xWoq4X81jfsP7syWG09ot7MMGIwjG3W/saW:+xOL+xu4xdq4M1Y4nGoot7YZG3W/c
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.