General
Target: aacd5d2b76dee01233c75220835c834ceb2a14c5ea21e5a78728169292122d7e
Size: 306KB
Sample: 240424-qtr77sag49
MD5: f3a1bf332a7ff00ce5784c77aba50acb
SHA1: 59311a20af6c1ea3bc0111fcd1b630a9135d3fd8
SHA256: aacd5d2b76dee01233c75220835c834ceb2a14c5ea21e5a78728169292122d7e
SHA512: ea1be13079adb16ec803c1c2bfabcc3b5e2f9b97c776bc9f2c7a5fe0a4ba3fb58fac360ea553c56b5188013962b9d8fea726d79ec18ef8cd769bd983f52a7e71
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task: behavioral1
Sample: aacd5d2b76dee01233c75220835c834ceb2a14c5ea21e5a78728169292122d7e.exe
Resource: win10v2004-20240412-en
Behavioral task: behavioral2
Sample: aacd5d2b76dee01233c75220835c834ceb2a14c5ea21e5a78728169292122d7e.exe
Resource: win11-20240412-en
Malware Config
Extracted
redline
spoo
103.113.70.99:2630
Targets
Target: aacd5d2b76dee01233c75220835c834ceb2a14c5ea21e5a78728169292122d7e
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.