General
Target: 87fb763bcfa23e2f262e327733fc80f9211a48d63dc1e9140079fe88d38b9730
Size: 305KB
Sample: 240424-p7bxpsac74
MD5: 84bdece6c033bed77cf96ada14489f83
SHA1: d0a99a66509adbcadf1fda27037731b2c055b780
SHA256: 87fb763bcfa23e2f262e327733fc80f9211a48d63dc1e9140079fe88d38b9730
SHA512: 2bceb67757563dbc8fb10ef134c3b6561d2fecde0eb7cbd31a2b8f963a3fd6ecc07a3336f322fe02b58b1d3bfda564bef20977795453fd321dfb21ffcc80fcde
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task: behavioral1
Sample: 87fb763bcfa23e2f262e327733fc80f9211a48d63dc1e9140079fe88d38b9730.exe
Resource: win10v2004-20240412-en

Behavioral task: behavioral2
Sample: 87fb763bcfa23e2f262e327733fc80f9211a48d63dc1e9140079fe88d38b9730.exe
Resource: win11-20240412-en
Malware Config
Extracted
redline
spoo
103.113.70.99:2630
Targets
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.