General
Target: 74f5231e06fadad815048677874cfce242960742920a7aa8468262f37432b62f
Size: 305KB
Sample: 240424-p8wnhaac96
MD5: 6c80ee95ae6899ab5f53e4b16cc4e002
SHA1: 7b101646ebc73c306fbc80ff83a7fcf3e49c949a
SHA256: 74f5231e06fadad815048677874cfce242960742920a7aa8468262f37432b62f
SHA512: 60e13c12731c71aca7a924b3821443385d5e5c9efae08ed0c7ade7d4f0d9e1dce7727ed8872a32bff0eaa264f2ab55eb44f9975ff2ace60d94ec614a988a618d
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task: behavioral1
Sample: 74f5231e06fadad815048677874cfce242960742920a7aa8468262f37432b62f.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted: redline
  spoo
  103.113.70.99:2630
Targets
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.