General
Target: 1.exe
Size: 376KB
Sample: 230629-r5bv2aee8s
MD5: 6d526405031d438f3c3f7e4fb2a8ed90
SHA1: 575d5a012529129f553af802cbace89b0eb4169a
SHA256: 6ce0e405b0bd60d6dac392dc909ed665bb9b70b2c401e2c61b1ecd78b8036f2f
SHA512: e00292e6b1b30da525b707d3843421b3cf3b874ca5492a4d4ea674c68ca5124921e14b1952b021a1910890928f78a72246561e2adeba6f775fa9231bfdf6d6f4
SSDEEP: 6144:loJW7QzqMUONB62KDwy3O1GOInxoY5kdF:locQzyURywpIlm
Static task: static1
Behavioral task: behavioral1
Sample: 1.exe
Resource: win7-20230621-en
Malware Config
Extracted: redline
@Chicago
185.81.68.115:2920
auth_value: 624a75e46c4217bc2cafb7758d1978d9
Targets
Target: 1.exe
Size: 376KB
MD5: 6d526405031d438f3c3f7e4fb2a8ed90
SHA1: 575d5a012529129f553af802cbace89b0eb4169a
SHA256: 6ce0e405b0bd60d6dac392dc909ed665bb9b70b2c401e2c61b1ecd78b8036f2f
SHA512: e00292e6b1b30da525b707d3843421b3cf3b874ca5492a4d4ea674c68ca5124921e14b1952b021a1910890928f78a72246561e2adeba6f775fa9231bfdf6d6f4
SSDEEP: 6144:loJW7QzqMUONB62KDwy3O1GOInxoY5kdF:locQzyURywpIlm
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.