General
Target: 00066268b11488b6568fa6f27243afbd71d07c38978b9aa9c75d14524cecc5f8
Size: 305KB
Sample: 240424-n53rzahf2w
MD5: 9241cb912cf8647c894cf723f3f97de0
SHA1: 829fcdb142f7996fca8a22ef6c42fcf87e26531f
SHA256: 00066268b11488b6568fa6f27243afbd71d07c38978b9aa9c75d14524cecc5f8
SHA512: 724c5573d008a04ddd7c7159f57fe88f839d130e71198298f67408d67be08b98341c55bf56e1b05448dd01cbb3b8944bb5144e80e8cb079ff3cbf1be5e117322
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task: behavioral1
Sample: 00066268b11488b6568fa6f27243afbd71d07c38978b9aa9c75d14524cecc5f8.exe
Resource: win10v2004-20240412-en

Malware Config (extracted)
Family: redline
Botnet: spoo
C2: 103.113.70.99:2630
Targets
Target: 00066268b11488b6568fa6f27243afbd71d07c38978b9aa9c75d14524cecc5f8
Signatures:
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.