General
Target: d01fd020d33b4d532d5c34ecb527086320adda7fb96f681e6d9ce1ed3c8ce4f8
Size: 305KB
Sample: 240424-nc8grahb6s
MD5: 76a907e5878371d484026dcd13fb0eab
SHA1: a5850d78014ce1d345f7ebce375b7cd6a0e824c2
SHA256: d01fd020d33b4d532d5c34ecb527086320adda7fb96f681e6d9ce1ed3c8ce4f8
SHA512: dd2e3c2fd2af6d4f420fae11d24c058ff732538caf038a282ec1d04f60cb74265e4bf773d1f2108a8c56418c3a9bdbca83782e6cfd957db14a295ab078c2c15d
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task: behavioral1
Sample: d01fd020d33b4d532d5c34ecb527086320adda7fb96f681e6d9ce1ed3c8ce4f8.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted
redline
spoo
103.113.70.99:2630
Targets
Target: d01fd020d33b4d532d5c34ecb527086320adda7fb96f681e6d9ce1ed3c8ce4f8
Size: 305KB
MD5: 76a907e5878371d484026dcd13fb0eab
SHA1: a5850d78014ce1d345f7ebce375b7cd6a0e824c2
SHA256: d01fd020d33b4d532d5c34ecb527086320adda7fb96f681e6d9ce1ed3c8ce4f8
SHA512: dd2e3c2fd2af6d4f420fae11d24c058ff732538caf038a282ec1d04f60cb74265e4bf773d1f2108a8c56418c3a9bdbca83782e6cfd957db14a295ab078c2c15d
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.