General
-
Target
07728dd544ec371bf65209cce3957cb3f0e8471d4208ea48d8c49646e339618f.exe
-
Size
283KB
-
Sample
230405-m45z9sfd9w
-
MD5
bd1a8fb9af693f4dd1f3e0ec2e186f02
-
SHA1
c76c3f8aa1b8d21d38fea006fc46f4875f882815
-
SHA256
07728dd544ec371bf65209cce3957cb3f0e8471d4208ea48d8c49646e339618f
-
SHA512
4b2228f990510a8baf02519ddc84fb282e53f88b8fddcbba7c33e1e7ca9269cfcf6fd7ef5abb4e259f3b288518229400cf617cc4c6438626c5f6c307bef28a59
-
SSDEEP
3072:d7bC+rGK/5iPU3VTjrSoTb3WJBirraNyVPlEDWfPZGXoE0rGxamaptb4lfzz2FOo:52LKUPS7GJBbugWJGXP0rF3b4lrzR5
Static task
static1
Behavioral task
behavioral1
Sample
07728dd544ec371bf65209cce3957cb3f0e8471d4208ea48d8c49646e339618f.exe
Resource
win7-20230220-en
Malware Config
Extracted
redline
@chicago
185.11.61.125:22344
-
auth_value
21f863e0cbd09d0681058e068d0d1d7f
Targets
-
-
Target
07728dd544ec371bf65209cce3957cb3f0e8471d4208ea48d8c49646e339618f.exe
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-