General
Target: 0x0003000000000739-190.dat
Size: 172KB
Sample: 230619-ma2qraec9w
MD5: 13e3fee626769b2f8830b48fbceb3900
SHA1: 17db0563cc3cb5fd5b6f49b4fecaaa9f76fab158
SHA256: 72f0759094bee101f8a1dff57639583f9eb9d1d479e07f070e95c9ad944a2013
SHA512: 28e01a524422d8e9c342f78af5ed32ed2b99fd6a89a098d6fa2d17ca605f49d126b397ac7935954ff71c6288d50288e2d840e373413c85f244cbfa808be558e8
SSDEEP: 3072:Ek/Ahs68FdlOFtQLxN46UbpLNqlOOE8e8h4:EkjF38VLNqlOOE
Behavioral task
behavioral1
Sample: 0x0003000000000739-190.exe
Resource: win7-20230220-en
Malware Config
Extracted
redline
diza
83.97.73.128:19071
auth_value: 0d09b419c8bc967f91c68be4a17e92ee
Targets
Target: 0x0003000000000739-190.dat
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.