General
Target: NA_6dda6c6e5f927c449bb2e3748_JC.exe
Size: 410KB
Sample: 230728-tldavseg7v
MD5: 82333e8388884ed07a8104b1da402b34
SHA1: b45d4e410abff1ab9fcdd31a3d7778d9f9ad3b18
SHA256: 6dda6c6e5f927c449bb2e3748eaa9329aab3c6c3f9f54bbdaf8f49d33f844a56
SHA512: 6443c438d2189d49b1affc748325851cfae37335b8b5975ae89c840149a649beafbaeb0dd3476e91ee769b4bf1c896cc1192bce4eb2d9ecced21466affb1c1e3
SSDEEP: 3072:GeL7M9/t9Gfz045atvpUYWvyjk7CBOJbQS6w1/h5C/ahaORqmkrhOzM5b9ImJThd:PM9rGfg1tBKSO9uMP83dhOMbSUsvCfP
Static task: static1
Behavioral task: behavioral1
Sample: NA_6dda6c6e5f927c449bb2e3748_JC.exe
Resource: win7-20230712-en
Malware Config
Extracted: redline
@Germany
194.26.135.162:2920
auth_value: 9d15d78194367a949e54a07d6ce02c62
Targets
Target: NA_6dda6c6e5f927c449bb2e3748_JC.exe
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.