General
Target: a5c24bf163f40eeb47ad12aada03cba2.bin
Size: 396KB
Sample: 240408-b22dhsch81
MD5: ce5d940dbf3bd882570365890afe7441
SHA1: 6b3d951079c0fef0b0756cf217e5901b5b5e485f
SHA256: 76a6587dfa699fe67623cb9a62dfb8982fa3c23f8e21da43930993af310bf98b
SHA512: 9810e75e54a39750a193bc8f4864ab40f0d63603b2824474030b1d8fc263426150ff2fd66d3d7630e944335bd13c0af6c1f0cf41864c7f5245714bc384327231
SSDEEP: 12288:B10gsUK9Y3AQVpC5TyKniY/f4VLxrl3kPn:z0g3ggk5ZnwXlUPn
Static task: static1
Behavioral task: behavioral1
  Sample: 88f9eb586f66f57f77ebc7164594547ce881999f525878161c49e205476a04b1.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 88f9eb586f66f57f77ebc7164594547ce881999f525878161c49e205476a04b1.exe
  Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 88f9eb586f66f57f77ebc7164594547ce881999f525878161c49e205476a04b1.exe
Size: 945KB
MD5: a5c24bf163f40eeb47ad12aada03cba2
SHA1: c46819b55c1493c021ca69fcb219650949b6893e
SHA256: 88f9eb586f66f57f77ebc7164594547ce881999f525878161c49e205476a04b1
SHA512: 1f46271210d6bf7a0e23af8d171c6924e3b95474efa20f61aa41355f70c90119864154614d625e50db9fb7d5751fa57aa327e753f660218d8a87d39786d58e6c
SSDEEP: 12288:qp/gJFd/4LJ7QvyRlyB0h2LZUeqELMqtxz4fafR7iiDXSB53ofEF/vblU:s/UFC7YyRABcaUeqvq3iIo/vJ
Score: 10/10
Note that the submitted a5c24bf163f40eeb47ad12aada03cba2.bin (396KB, MD5 ce5d940dbf3bd882570365890afe7441) and this 945KB .exe are different files with different hashes; the .bin's file name is the .exe's MD5, and the .exe is what both behavioral tasks executed. When pivoting on this report, search on the hashes of the file you actually hold.
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
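The "checks installed software" signature above fires on reads of the per-application subkeys under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (and its WOW6432Node and HKCU counterparts). The script below is an added example, not part of this report or of any sandbox's own detection code: it runs that logic over constructed, Sysmon-style registry event lines (the format, process names and application subkeys are assumptions) and flags only processes that read several different applications' Uninstall entries, so that a single legitimate lookup, such as a shell resolving one DisplayIcon, does not trip it.

```python
import re
from collections import defaultdict

# Matches a subkey or value under either Uninstall hive (native or WOW6432Node,
# HKLM or HKCU) and captures the per-application subkey name (a GUID or product name).
UNINSTALL_ENTRY_RE = re.compile(
    r"^HK(?:LM|CU)\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)",
    re.IGNORECASE,
)

# Constructed sample events (assumption: one Sysmon-like registry event per line,
# single-space separated; image paths contain no spaces, target keys may).
# Fields: utc_time event_type pid image target_object
SAMPLE_EVENTS = r"""
2024-04-08T01:00:01Z RegOpenKey 4120 C:\Users\user\Desktop\sample.exe HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
2024-04-08T01:00:01Z RegQueryValue 4120 C:\Users\user\Desktop\sample.exe HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180171F0}\DisplayName
2024-04-08T01:00:01Z RegQueryValue 4120 C:\Users\user\Desktop\sample.exe HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180171F0}\DisplayVersion
2024-04-08T01:00:01Z RegQueryValue 4120 C:\Users\user\Desktop\sample.exe HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\DisplayName
2024-04-08T01:00:02Z RegQueryValue 4120 C:\Users\user\Desktop\sample.exe HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName
2024-04-08T01:00:02Z RegQueryValue 4120 C:\Users\user\Desktop\sample.exe HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Discord\DisplayName
2024-04-08T01:00:05Z RegQueryValue 812 C:\Windows\explorer.exe HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\DisplayIcon
2024-04-08T01:00:06Z RegSetValue 4120 C:\Users\user\Desktop\sample.exe HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Updater
"""

READ_EVENTS = ("RegOpenKey", "RegQueryValue", "RegEnumKey")


def parse_events(text):
    """Yield (time, event, pid, image, target) tuples; blank or malformed lines are skipped."""
    for line in text.splitlines():
        parts = line.strip().split(" ", 4)
        if len(parts) == 5:
            yield tuple(parts)


def uninstall_entries_by_process(text):
    """Map (pid, image) -> set of distinct Uninstall subkeys the process read.

    Opening the Uninstall root itself captures nothing: enumeration is only
    evidenced by reads under the per-application subkeys."""
    seen = defaultdict(set)
    for _time, event, pid, image, target in parse_events(text):
        if event not in READ_EVENTS:
            continue
        match = UNINSTALL_ENTRY_RE.match(target)
        if match:
            seen[(int(pid), image)].add(match.group(1))
    return seen


def find_software_enumerators(text, min_entries=3):
    """Return {(pid, image): sorted subkeys} for processes that read at least
    min_entries different applications' Uninstall subkeys."""
    return {
        key: sorted(entries)
        for key, entries in uninstall_entries_by_process(text).items()
        if len(entries) >= min_entries
    }


if __name__ == "__main__":
    for (pid, image), apps in find_software_enumerators(SAMPLE_EVENTS).items():
        print(f"pid {pid} ({image}) enumerated {len(apps)} installed applications: {apps}")
```

The threshold is the tunable part: lower it toward 1 and any component that resolves a single product's DisplayName will appear; raise it and a stealer that only reads a handful of entries slips through. Pair the count with the image path (an unsigned binary in a user-writable directory reading many entries within a second is the pattern of interest) rather than alerting on the key alone.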