General
- Target: 122dad0b81f28fe27717e321195abc791148d4acf1155b16750295c335701ebf
- Size: 306KB
- Sample: 240424-r38rzsbg9y
- MD5: c2de8af58d1e2964f895feb2e65aeeb7
- SHA1: 370885ef4de13c947b096bc528646e94eb0df0f0
- SHA256: 122dad0b81f28fe27717e321195abc791148d4acf1155b16750295c335701ebf
- SHA512: 9f7060497be7135e4be4a7a082c076e895e4034a5bdc0308424d118b3266bb0bcd4701395986c2a783909f548fb45df2c8e6cc837ad0953c56dc97f178fa9792
- SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task
- behavioral1
- Sample: 122dad0b81f28fe27717e321195abc791148d4acf1155b16750295c335701ebf.exe
- Resource: win10v2004-20240412-en
Malware Config
Extracted
- Family: redline
- Botnet: spoo
- C2: 103.113.70.99:2630
Targets
- Target: 122dad0b81f28fe27717e321195abc791148d4acf1155b16750295c335701ebf
- Size: 306KB
- MD5: c2de8af58d1e2964f895feb2e65aeeb7
- SHA1: 370885ef4de13c947b096bc528646e94eb0df0f0
- SHA256: 122dad0b81f28fe27717e321195abc791148d4acf1155b16750295c335701ebf
- SHA512: 9f7060497be7135e4be4a7a082c076e895e4034a5bdc0308424d118b3266bb0bcd4701395986c2a783909f548fb45df2c8e6cc837ad0953c56dc97f178fa9792
- SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.