General
-
Target
9469baf7d1dea73ba112e14e6279e625874cbab822f3082850101b9f270a54e0
-
Size
305KB
-
Sample
240424-m4l76aha97
-
MD5
a3222bdff29c3aceedc7360b93d5cd17
-
SHA1
183fdf4be53f9bd336d648276dfc6c8257448616
-
SHA256
9469baf7d1dea73ba112e14e6279e625874cbab822f3082850101b9f270a54e0
-
SHA512
5ab0628c8fc8ad271d7a0a552299b8c45445af36fe91410ef790db94c9093c55db241b73162c204e4334f57b0ce806c9d960a9939c9a5fd691aa4b72d3e06035
-
SSDEEP
6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task
behavioral1
Sample
9469baf7d1dea73ba112e14e6279e625874cbab822f3082850101b9f270a54e0.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
Family: redline
Botnet: spoo
C2: 103.113.70.99:2630
Targets
-
Target
9469baf7d1dea73ba112e14e6279e625874cbab822f3082850101b9f270a54e0
-
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020. It harvests browser-saved credentials and cookies, cryptocurrency wallet files and basic system inventory, and sends them to the C2 listed in the extracted config above.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Reads the subkeys of HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (and its WOW6432Node and HKCU counterparts) to enumerate installed software, a reconnaissance step stealers use to profile the victim host.
-