General
Target: 1522297cf42a5c7f30debc32226bcbe1b324c6208734b9d3350bf86d90bb86ea
Size: 306KB
Sample: 240424-qm3qcsaf38
MD5: debe79bc1c38b89e32bd8f7163b1a06c
SHA1: ac1cb200ef7108e218dde885155e56618de719c1
SHA256: 1522297cf42a5c7f30debc32226bcbe1b324c6208734b9d3350bf86d90bb86ea
SHA512: 3b1b566af21db1eaed74215763a3a92b306c115c2c80c97b59d64e850d9a0a910e889e1dc49e8cdaf8456b0536be4c67360fe3b95dad0bb0d4ceadaa121e7daa
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task
behavioral1
Sample: 1522297cf42a5c7f30debc32226bcbe1b324c6208734b9d3350bf86d90bb86ea.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted
redline
spoo
103.113.70.99:2630
Targets
Target: 1522297cf42a5c7f30debc32226bcbe1b324c6208734b9d3350bf86d90bb86ea
Size: 306KB
MD5: debe79bc1c38b89e32bd8f7163b1a06c
SHA1: ac1cb200ef7108e218dde885155e56618de719c1
SHA256: 1522297cf42a5c7f30debc32226bcbe1b324c6208734b9d3350bf86d90bb86ea
SHA512: 3b1b566af21db1eaed74215763a3a92b306c115c2c80c97b59d64e850d9a0a910e889e1dc49e8cdaf8456b0536be4c67360fe3b95dad0bb0d4ceadaa121e7daa
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/

Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.