General
Target: 704dcc703dd034d6f9809fa2b2b1c3c901c841d380fcaad12e87177c8516fa5d
Size: 305KB
Sample: 240424-n2ynvahe76
MD5: f42631109a251ec609cb3b43915258bb
SHA1: bec3f8d1ba887ab3cb81bd8dd10c6b3e36639414
SHA256: 704dcc703dd034d6f9809fa2b2b1c3c901c841d380fcaad12e87177c8516fa5d
SHA512: abdbb15608310ce9c8350c16ee1e839b9cd324115988d7c8d99bda846619ffa0d60738a7811bfbbc1c10e8d72fe905d42f773d72194006d57c0e537c8ba34e31
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task: behavioral1
Sample: 704dcc703dd034d6f9809fa2b2b1c3c901c841d380fcaad12e87177c8516fa5d.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted family: redline
Botnet: spoo
C2: 103.113.70.99:2630
Targets
Target: 704dcc703dd034d6f9809fa2b2b1c3c901c841d380fcaad12e87177c8516fa5d
Size: 305KB
MD5: f42631109a251ec609cb3b43915258bb
SHA1: bec3f8d1ba887ab3cb81bd8dd10c6b3e36639414
SHA256: 704dcc703dd034d6f9809fa2b2b1c3c901c841d380fcaad12e87177c8516fa5d
SHA512: abdbb15608310ce9c8350c16ee1e839b9cd324115988d7c8d99bda846619ffa0d60738a7811bfbbc1c10e8d72fe905d42f773d72194006d57c0e537c8ba34e31
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
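The indicators in this report (the file hashes, the extracted RedLine C2 103.113.70.99:2630, and the Uninstall-key enumeration signature) can be turned directly into host-side detection logic. The Python below is an added example written for this page; it is not part of the sandbox report and not code from the report's platform or from the malware. The telemetry it runs over is constructed, simplified JSON events with assumed field names (event, pid, image, hashes, key, dst_ip, dst_port), not real Sysmon or Windows Event Log output; note that Sysmon does not record registry reads at all, so the registry_query events assume an EDR or object-access-auditing source. The process ID 4120 and the benign process 988 are likewise made up for the sample log.

```python
"""Match constructed endpoint telemetry against this report's indicators.

Added example; not part of the sandbox report. Log lines below are
constructed JSON events with assumed field names, not real Sysmon or
Windows Event Log records.
"""
import json
import re

# Indicators taken from the report above.
SAMPLE_HASHES = {
    "md5": "f42631109a251ec609cb3b43915258bb",
    "sha1": "bec3f8d1ba887ab3cb81bd8dd10c6b3e36639414",
    "sha256": "704dcc703dd034d6f9809fa2b2b1c3c901c841d380fcaad12e87177c8516fa5d",
}
C2_HOST = "103.113.70.99"
C2_PORT = 2630

# Per-machine Uninstall keys (native and WOW6432Node view), which the report
# says the sample enumerates to list installed software. Case-insensitive,
# and the key must end at Uninstall or continue into a subkey.
UNINSTALL_KEY = re.compile(
    r"\\SOFTWARE\\(WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)",
    re.IGNORECASE,
)

# Constructed telemetry, one JSON object per line (assumed field names).
# pid 4120 is the hypothetical sample process; pid 988 is a benign process.
SAMPLE_LOG = r"""
{"event": "process_create", "pid": 4120, "image": "C:\\Users\\user\\AppData\\Local\\Temp\\704dcc703dd034d6f9809fa2b2b1c3c901c841d380fcaad12e87177c8516fa5d.exe", "hashes": {"sha256": "704dcc703dd034d6f9809fa2b2b1c3c901c841d380fcaad12e87177c8516fa5d"}}
{"event": "registry_query", "pid": 4120, "key": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip"}
{"event": "registry_query", "pid": 4120, "key": "HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall"}
{"event": "registry_query", "pid": 988, "key": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"}
{"event": "network_connect", "pid": 4120, "dst_ip": "103.113.70.99", "dst_port": 2630, "proto": "tcp"}
{"event": "network_connect", "pid": 988, "dst_ip": "203.0.113.10", "dst_port": 443, "proto": "tcp"}
"""


def parse_events(text):
    """Parse one JSON event per non-empty line."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def detect(events):
    """Return (rule, pid, detail) hits for the report's indicators."""
    hits = []
    for ev in events:
        kind = ev.get("event")
        pid = ev.get("pid")
        if kind == "process_create":
            # Exact-hash match against the sample; compare lower-cased hex.
            for algo, value in ev.get("hashes", {}).items():
                if SAMPLE_HASHES.get(algo) == str(value).lower():
                    hits.append(("known_sample_hash", pid, f"{algo}={value}"))
        elif kind == "network_connect":
            # Host AND port: the C2 lives on a non-standard port (2630).
            if ev.get("dst_ip") == C2_HOST and ev.get("dst_port") == C2_PORT:
                hits.append(("redline_c2_connect", pid, f"{C2_HOST}:{C2_PORT}"))
        elif kind == "registry_query":
            if UNINSTALL_KEY.search(ev.get("key", "")):
                hits.append(("uninstall_key_enumeration", pid, ev["key"]))
    return hits


def correlate(hits):
    """Group distinct rules by pid. Uninstall-key reads alone are common
    (installers, inventory agents); one process tripping hash, C2 and
    enumeration together is the high-confidence combination."""
    by_pid = {}
    for rule, pid, _ in hits:
        by_pid.setdefault(pid, set()).add(rule)
    return by_pid


if __name__ == "__main__":
    found = detect(parse_events(SAMPLE_LOG))
    for rule, pid, detail in found:
        print(f"{rule:28s} pid={pid} {detail}")
    for pid, rules in correlate(found).items():
        print(f"pid {pid}: {len(rules)} distinct indicators -> {sorted(rules)}")
```

The hash and C2 rules are exact-match and will only ever catch this sample and this infrastructure; the Uninstall-key rule generalises to any software-inventory behaviour, which is why correlate() treats it as supporting evidence rather than a verdict on its own.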