General

Target: a24ed4ed43826ad821bd685756af9fcf2297523af18ede60ed3619de2c126cd7
Size: 305KB
Sample: 240424-nstcrshd2w
MD5: 913861961ca3a78283711ae9b72c9d24
SHA1: 45e61f9ce09b85cec8d8bf7ed716620663d72824
SHA256: a24ed4ed43826ad821bd685756af9fcf2297523af18ede60ed3619de2c126cd7
SHA512: 1fc2abec00305e3bcbbebb42253228a63e09bec37771177aed29a5b76f3781aa03b990955d5aab6b7edfee851747b14fc37571e55c0837e9ad2f177d7d4b8595
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task: behavioral1
Sample: a24ed4ed43826ad821bd685756af9fcf2297523af18ede60ed3619de2c126cd7.exe
Resource: win10v2004-20240226-en
Malware Config

Extracted
Family: redline
Botnet (campaign tag): spoo
C2: 103.113.70.99:2630
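An added example, not part of the sandbox report, showing how a defender would consume the indicators above: it computes the four digests the report lists for a candidate file and compares them against the report's values, and scans a connection log for the extracted RedLine C2 endpoint. The hash values and the C2 address are copied from the report; the log format, the log lines and the function names are constructed for this example. Host and port are compared as whole values rather than substrings, and a connection to the C2 host on a different port is still flagged, at lower confidence, because operators commonly rotate ports while keeping the host.

```python
"""Match the IOCs from this RedLine report against a file and a connection log.

Added example, not part of the sandbox report. Hashes and the C2 endpoint are
copied from the report; the log lines below are constructed, not real telemetry.
"""
from __future__ import annotations

import hashlib
import re
from dataclasses import dataclass

# Digests of the sample, copied from the report's General section.
SAMPLE_HASHES = {
    "md5": "913861961ca3a78283711ae9b72c9d24",
    "sha1": "45e61f9ce09b85cec8d8bf7ed716620663d72824",
    "sha256": "a24ed4ed43826ad821bd685756af9fcf2297523af18ede60ed3619de2c126cd7",
    "sha512": "1fc2abec00305e3bcbbebb42253228a63e09bec37771177aed29a5b76f3781aa"
              "03b990955d5aab6b7edfee851747b14fc37571e55c0837e9ad2f177d7d4b8595",
}

# Extracted RedLine C2, as listed under "Malware Config".
C2_ENDPOINT = "103.113.70.99:2630"


def parse_endpoint(endpoint: str) -> tuple[str, int]:
    """Split a 'host:port' string as it appears in the extracted config."""
    host, _, port = endpoint.rpartition(":")
    return host, int(port)


def hash_bytes(data: bytes) -> dict[str, str]:
    """Compute the same four digests the report lists, for a candidate file."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in SAMPLE_HASHES}


def matching_hashes(hashes: dict[str, str]) -> set[str]:
    """Return the algorithms whose digest equals the report's value.

    Comparison is case-insensitive. A SHA-256 or SHA-512 match identifies the
    sample; an MD5 or SHA-1 match on its own is weaker evidence, since both
    are collision-prone.
    """
    return {alg for alg, val in SAMPLE_HASHES.items()
            if hashes.get(alg, "").lower() == val}


# Constructed firewall-style connection log used as sample input (not real).
CONN_LOG = [
    "2024-04-24T10:01:58Z src=10.0.0.15:51230 dst=142.250.74.46:443 proto=tcp action=allow",
    "2024-04-24T10:02:11Z src=10.0.0.15:51234 dst=103.113.70.99:2630 proto=tcp action=allow",
    "2024-04-24T10:02:12Z src=10.0.0.15:51235 dst=103.113.70.99:2630 proto=tcp action=allow",
    "2024-04-24T11:40:03Z src=10.0.0.22:49812 dst=103.113.70.99:80 proto=tcp action=allow",
    "2024-04-24T11:41:00Z src=10.0.0.22:49813 dst=103.113.70.9:2630 proto=tcp action=allow",
    "2024-04-24T11:41:05Z query=update.example.test type=A answer=198.51.100.7",
]

# Extract src and dst as whole dotted quads so 103.113.70.9 never matches
# 103.113.70.99 by substring.
CONN_RE = re.compile(
    r"src=(?P<src>\d{1,3}(?:\.\d{1,3}){3}):\d+\s+"
    r"dst=(?P<dst>\d{1,3}(?:\.\d{1,3}){3}):(?P<dport>\d+)"
)


@dataclass(frozen=True)
class C2Hit:
    line_no: int
    src: str
    dst: str
    dport: int
    confidence: str  # "high": host and port match; "medium": host only


def find_c2_connections(lines, endpoint: str = C2_ENDPOINT) -> list[C2Hit]:
    """Flag connections to the extracted C2 host.

    Lines that do not parse as connection records are skipped. A connection
    to the C2 host on a port other than the configured one is reported at
    medium confidence rather than dropped.
    """
    host, port = parse_endpoint(endpoint)
    hits = []
    for n, line in enumerate(lines, 1):
        m = CONN_RE.search(line)
        if not m or m.group("dst") != host:
            continue
        dport = int(m.group("dport"))
        hits.append(C2Hit(n, m.group("src"), host, dport,
                          "high" if dport == port else "medium"))
    return hits


if __name__ == "__main__":
    for hit in find_c2_connections(CONN_LOG):
        print(hit)
    # A constructed placeholder never hashes to the sample's digests.
    print(matching_hashes(hash_bytes(b"constructed placeholder, not the sample")))
```

To use it on real data, replace CONN_LOG with lines read from your firewall or proxy export and adjust CONN_RE to that export's field names; the comparison logic stays the same.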
Targets

Target: a24ed4ed43826ad821bd685756af9fcf2297523af18ede60ed3619de2c126cd7 (305KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
RedLine
RedLine Stealer is a malware family written in C#, first observed in early 2020.

RedLine payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry (the per-product subkeys under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, and their WOW6432Node and HKCU counterparts) to enumerate the software installed on the system. These are registry reads, which Sysmon's registry events (IDs 12 to 14) do not record; catching this behavior on an endpoint needs registry SACL auditing or EDR telemetry rather than Sysmon alone.