General
-
Target
ed10fcee0434902f9d33cf169b29a2d459fcfa8a9bfad4b825700448a1f2e8e2
-
Size
306KB
-
Sample
240424-q44c8aba27
-
MD5
39521bd9e98a1fb1e98b7dc838d27d1a
-
SHA1
9b0ae92908be45ab0650a1fa7b4aea21d041d1d3
-
SHA256
ed10fcee0434902f9d33cf169b29a2d459fcfa8a9bfad4b825700448a1f2e8e2
-
SHA512
9ec70fc6ef46a3d0ec8c10a32228ef409173bfe2419ea742d58251158d1322d1fbff390a02952f97a0035fcfb4ada986633d34b881e54e0246fd35bf3c8035e0
-
SSDEEP
6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task
behavioral1
Sample
ed10fcee0434902f9d33cf169b29a2d459fcfa8a9bfad4b825700448a1f2e8e2.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
redline
spoo
103.113.70.99:2630
Targets
-
-
Target
ed10fcee0434902f9d33cf169b29a2d459fcfa8a9bfad4b825700448a1f2e8e2
-
Size
306KB
-
MD5
39521bd9e98a1fb1e98b7dc838d27d1a
-
SHA1
9b0ae92908be45ab0650a1fa7b4aea21d041d1d3
-
SHA256
ed10fcee0434902f9d33cf169b29a2d459fcfa8a9bfad4b825700448a1f2e8e2
-
SHA512
9ec70fc6ef46a3d0ec8c10a32228ef409173bfe2419ea742d58251158d1322d1fbff390a02952f97a0035fcfb4ada986633d34b881e54e0246fd35bf3c8035e0
-
SSDEEP
6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-