General
- Target: 193e915a06ea9567bc4a91db5a31ca7a69b7ead66b81a57abb98797196514e8c
- Size: 304KB
- Sample: 240424-mwne9aha2z
- MD5: bb10a1dd95fc80e4fe0c6a5aefc44912
- SHA1: 2d276811c4659a62ead3d342dc27f179820498ba
- SHA256: 193e915a06ea9567bc4a91db5a31ca7a69b7ead66b81a57abb98797196514e8c
- SHA512: a95b87685de53d7ab6b2b58fde4389b26808462a0cc9e2739ca913ecdef61316b4f61749bf61ff9ba3389600c9cb48a6bf076132a0448602dc519cdda1718f3e
- SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task (behavioral1)
- Sample: 193e915a06ea9567bc4a91db5a31ca7a69b7ead66b81a57abb98797196514e8c.exe
- Resource: win10v2004-20240412-en

Malware Config (extracted)
- Family: redline
- Botnet: spoo
- C2: 103.113.70.99:2630
Targets
- Target: 193e915a06ea9567bc4a91db5a31ca7a69b7ead66b81a57abb98797196514e8c (hashes and size as listed under General)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.