General
Target: NA_718034f9b541fdf7866851cd4_JC.exe
Size: 362KB
Sample: 230726-rbm17scd86
MD5: fdf6b17c3ae46d5761d3e6e417fb9b1f
SHA1: d6ad48bcc77f753c7ba6047dcde6a178db3c2eea
SHA256: 718034f9b541fdf7866851cd4ced6b406e07952944717e4291b38e75ac763e12
SHA512: 9bc310f952cdc24237b5535eb9180aee0fec47ffe9a4eee3e8a08a5294d01f95e8991a7de1049e61d645e92de1c9b7fb58f5f43bcff391e57e8768a7c4d4c506
SSDEEP: 6144:XZhZgGTk/oPXfPKaEyfc4gYVxv/K6xCOT5UzkqW7tJcnAvI:phW8kgPPPK2fjFRUQ5YuJg
Static task: static1
Behavioral task: behavioral1
Sample: NA_718034f9b541fdf7866851cd4_JC.exe
Resource: win7-20230712-en
Malware Config
Extracted: redline
@Germany
194.26.135.162:2920
auth_value: 9d15d78194367a949e54a07d6ce02c62
Targets
Target: NA_718034f9b541fdf7866851cd4_JC.exe
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.