General
Target: n4524297.exe
Size: 255KB
Sample: 230613-b4865sed57
MD5: 5ba02be58f756c893ea27416ca4eb90d
SHA1: ee848cd893e07d967c849e5f8600e246f81c3fc9
SHA256: 9e60f719f6c1ae293ad593dc093e5872bc1a7df340a54527e7a1c9186ad66712
SHA512: 3c4670a3287531cc762ee270734a1ff967471b0dec146bcb87ddb4c0a80ee696b73ee87795c21f127d93f124972c114ec401677ec9165621c1388202503e97af
SSDEEP: 3072:vMiBIHozcM2o5/rmRviNhLI1fbCeOYTpL6GXraZKegBc4054fxvwXZB:vMCI22OmqTMraEeFnqCZB
Static task: static1
Behavioral task: behavioral1
Sample: n4524297.exe
Resource: win7-20230220-en
Malware Config
Extracted
redline
boris
83.97.73.129:19068
auth_value: 205e4fccc0f8c7da1d56fb1da4ac5e6a
Targets
Target: n4524297.exe
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.