General
- Target: 81e22995c967b1f6df2e110bd23bce924b5e740b170bf7b57773a5d37378d2e2
- Size: 305KB
- Sample: 240424-n6jeqahf27
- MD5: 0e25e85ff83cc6b5628df7581bb68f28
- SHA1: 773ae37b04b706d19df738ac86e7b1693b760bb2
- SHA256: 81e22995c967b1f6df2e110bd23bce924b5e740b170bf7b57773a5d37378d2e2
- SHA512: f3b06d053d6ba4e2b03f35d593c35cb28791db3ea558460931ffe068a4ad4dca30a76208b333c0ea3f88e1906b0850575b493a343233411f3a5150f3015b1d75
- SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task
- behavioral1
- Sample: 81e22995c967b1f6df2e110bd23bce924b5e740b170bf7b57773a5d37378d2e2.exe
- Resource: win10v2004-20240412-en
Malware Config
Extracted
- Family: redline
- Botnet: spoo
- C2: 103.113.70.99:2630
Targets
- Target: 81e22995c967b1f6df2e110bd23bce924b5e740b170bf7b57773a5d37378d2e2
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.