General
- Target: 1b942207b11fdf722c83c3b10cc3043284a2f65428cf92f998d3eb3b0b73e3a4
- Size: 305KB
- Sample: 240424-m7vzgahb2v
- MD5: 74a3ed2e09fa2b9ac8ac664c448f8880
- SHA1: 649f8888bc2b0733701274e8cbd4fb6b05ca64a5
- SHA256: 1b942207b11fdf722c83c3b10cc3043284a2f65428cf92f998d3eb3b0b73e3a4
- SHA512: c527847f360a2f89f671cd1b44db46252913c53298b5ba4d5f02d94afb15d43967d551614a5506d59d7c25db266a37b76e0579a221fc4585addd81af38757346
- SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task
- behavioral1
- Sample: 1b942207b11fdf722c83c3b10cc3043284a2f65428cf92f998d3eb3b0b73e3a4.exe
- Resource: win10v2004-20240412-en

Malware Config
- Extracted
- Family: redline
- Botnet: spoo
- C2: 103.113.70.99:2630
Targets
- Target: 1b942207b11fdf722c83c3b10cc3043284a2f65428cf92f998d3eb3b0b73e3a4
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.