General

Target: 950e77f0bf1e1564f95a9ca959449e31610265a33179842a6ad777979956a3bd
Size: 305KB
Sample: 240424-pkdg1shg61
MD5: 2e6c8c99fe7fd7740a3d804e69f4107b
SHA1: d00d494e8f93e74daa253817797db032e33684c3
SHA256: 950e77f0bf1e1564f95a9ca959449e31610265a33179842a6ad777979956a3bd
SHA512: 22a3335b6181c542e7b251faf1e3e5841a864badb340419eb37133a70294b2067f96c6d9f79f0dfbbce273c07e79cb29442b063d9b4359085e5fdf1f8c99609e
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task: behavioral1
Sample: 950e77f0bf1e1564f95a9ca959449e31610265a33179842a6ad777979956a3bd.exe
Resource: win10v2004-20240412-en
Malware Config

Extracted
Family: redline
Botnet: spoo
C2: 103.113.70.99:2630
Targets

Target: 950e77f0bf1e1564f95a9ca959449e31610265a33179842a6ad777979956a3bd
Size: 305KB
MD5: 2e6c8c99fe7fd7740a3d804e69f4107b
SHA1: d00d494e8f93e74daa253817797db032e33684c3
SHA256: 950e77f0bf1e1564f95a9ca959449e31610265a33179842a6ad777979956a3bd
SHA512: 22a3335b6181c542e7b251faf1e3e5841a864badb340419eb37133a70294b2067f96c6d9f79f0dfbbce273c07e79cb29442b063d9b4359085e5fdf1f8c99609e
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
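The signatures above describe behaviour that is only meaningful in combination: reading the Uninstall keys is something every installer and inventory agent does, so on its own it is not worth an alert, while the same process also touching wallet files or connecting to the extracted C2 is the stealer's profiling-then-exfiltration pattern. The following is an added example of detection logic over endpoint events, written for this page and not part of the sandbox report or of any vendor's product. It uses a constructed, generic JSON-lines event schema (fields `type`, `pid`, `image`, `sha256`, `key`, `path`, `dst_ip`, `dst_port`; not Sysmon's or any real EDR's format), a constructed sample feed, and an assumed list of wallet directories; the hash and the C2 address are the ones reported above.

```python
"""Correlate per-process endpoint events against the indicators in this report.

Hard indicators (alert on their own): the reported SHA256, the extracted C2.
Soft indicators (alert only in combination): Uninstall-key enumeration plus
access to cryptocurrency wallet files.

The event schema and SAMPLE_EVENTS are constructed for this example; the
wallet directory list is an assumption, not something the report states.
"""
import json
import re
from collections import defaultdict

SAMPLE_SHA256 = "950e77f0bf1e1564f95a9ca959449e31610265a33179842a6ad777979956a3bd"
C2_IP, C2_PORT = "103.113.70.99", 2630

# Matches the per-machine and per-user Uninstall keys and any subkey beneath them.
UNINSTALL_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.IGNORECASE)
# Assumed wallet locations (not from the report); extend for your environment.
WALLET_PATH_RE = re.compile(
    r"\\(Electrum|Exodus|Ethereum\\keystore|Bitcoin\\wallets)\\", re.IGNORECASE)

# Constructed feed: pid 4120 is the sample, 812 is a benign installer that
# only reads the Uninstall key, 3300 is a browser making an unrelated connection.
SAMPLE_EVENTS = r"""
{"type":"process_start","pid":4120,"image":"C:\\Users\\u\\Downloads\\950e77f0bf1e1564f95a9ca959449e31610265a33179842a6ad777979956a3bd.exe","sha256":"950e77f0bf1e1564f95a9ca959449e31610265a33179842a6ad777979956a3bd"}
{"type":"registry_query","pid":4120,"key":"HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall"}
{"type":"registry_query","pid":4120,"key":"HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{0A1B2C3D}"}
{"type":"file_read","pid":4120,"path":"C:\\Users\\u\\AppData\\Roaming\\Electrum\\wallets\\default_wallet"}
{"type":"net_connect","pid":4120,"dst_ip":"103.113.70.99","dst_port":2630}
{"type":"process_start","pid":812,"image":"C:\\Windows\\System32\\msiexec.exe","sha256":"0000000000000000000000000000000000000000000000000000000000000000"}
{"type":"registry_query","pid":812,"key":"HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall"}
{"type":"process_start","pid":3300,"image":"C:\\Program Files\\Browser\\browser.exe","sha256":"1111111111111111111111111111111111111111111111111111111111111111"}
{"type":"net_connect","pid":3300,"dst_ip":"203.0.113.10","dst_port":443}
"""


def parse_events(text):
    """Parse one JSON object per non-empty line."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def analyze(events):
    """Return {pid: {"image": str|None, "indicators": set}} for every process seen."""
    procs = defaultdict(lambda: {"image": None, "indicators": set()})
    for ev in events:
        p = procs[ev["pid"]]
        t = ev["type"]
        if t == "process_start":
            p["image"] = ev["image"]
            if ev.get("sha256", "").lower() == SAMPLE_SHA256:
                p["indicators"].add("known_sample_hash")
        elif t == "registry_query" and UNINSTALL_KEY_RE.search(ev["key"]):
            p["indicators"].add("uninstall_key_enum")
        elif t == "file_read" and WALLET_PATH_RE.search(ev["path"]):
            p["indicators"].add("wallet_file_access")
        elif t == "net_connect" and ev["dst_ip"] == C2_IP and ev["dst_port"] == C2_PORT:
            p["indicators"].add("redline_c2")
    return procs


def alerts(events):
    """Alert on a hard indicator, or on software enumeration combined with wallet access.

    A lone Uninstall-key read (installers, inventory agents) is deliberately not alerted.
    """
    out = []
    for pid, p in analyze(events).items():
        ind = p["indicators"]
        hard = ind & {"known_sample_hash", "redline_c2"}
        if hard or {"uninstall_key_enum", "wallet_file_access"} <= ind:
            out.append({"pid": pid, "image": p["image"], "indicators": sorted(ind)})
    return sorted(out, key=lambda a: a["pid"])


if __name__ == "__main__":
    for alert in alerts(parse_events(SAMPLE_EVENTS)):
        print(json.dumps(alert))
```

On the constructed feed only pid 4120 is reported, with all four indicators; the installer that reads the same Uninstall key and the browser's unrelated connection are left alone. In a real deployment the hash and C2 pairs would come from an indicator store rather than constants, and registry read events need an audit source that actually records reads (Sysmon records key/value writes, not queries).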