General
- Target: 8a4f4b3b718131212e0edc9cedb98fe4257c5b7392aaabd3b5e617ddf049e138
- Size: 305KB
- Sample: 240424-psn9gsaa26
- MD5: 03e4e67eeb6a83fe04296019872a9fd7
- SHA1: fb36a74665a9b07a018243302b07e38ab7624cef
- SHA256: 8a4f4b3b718131212e0edc9cedb98fe4257c5b7392aaabd3b5e617ddf049e138
- SHA512: 091bdfdcc3ce6b12445494e9dd8dd220bb0b582b229188c0be1baabd53d6b0af1a8e16650770413d679821656468061d74e47a17daaf27e316a250c34d535b41
- SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task
- behavioral1
  - Sample: 8a4f4b3b718131212e0edc9cedb98fe4257c5b7392aaabd3b5e617ddf049e138.exe
  - Resource: win10v2004-20240412-en
Malware Config
- Extracted: redline
  - spoo
  - 103.113.70.99:2630
Targets
- Target: 8a4f4b3b718131212e0edc9cedb98fe4257c5b7392aaabd3b5e617ddf049e138
  - Size: 305KB
  - MD5: 03e4e67eeb6a83fe04296019872a9fd7
  - SHA1: fb36a74665a9b07a018243302b07e38ab7624cef
  - SHA256: 8a4f4b3b718131212e0edc9cedb98fe4257c5b7392aaabd3b5e617ddf049e138
  - SHA512: 091bdfdcc3ce6b12445494e9dd8dd220bb0b582b229188c0be1baabd53d6b0af1a8e16650770413d679821656468061d74e47a17daaf27e316a250c34d535b41
  - SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.