General
-
Target
e75f2c4950175371c8d557afa255bf05e3ba8f34d8d8c9d9aef04d408c88d5f3
-
Size
306KB
-
Sample
240424-r8q45abh42
-
MD5
d1b287156864c4b09deaeef7da6df68a
-
SHA1
675562023a4fb00681be4c012fe363335d916ec2
-
SHA256
e75f2c4950175371c8d557afa255bf05e3ba8f34d8d8c9d9aef04d408c88d5f3
-
SHA512
e17695d6a0796e7321a4d54731c20cf3b09e2a5b25f4a4141fd0b4be0493bb35836e8051e2cb4fa91bf1755381a7c16a4d31f0e11dd7b9c28edd187af919595f
-
SSDEEP
6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task
behavioral1
Sample
e75f2c4950175371c8d557afa255bf05e3ba8f34d8d8c9d9aef04d408c88d5f3.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
redline
spoo
103.113.70.99:2630
Targets
-
-
Target
e75f2c4950175371c8d557afa255bf05e3ba8f34d8d8c9d9aef04d408c88d5f3
-
Size
306KB
-
MD5
d1b287156864c4b09deaeef7da6df68a
-
SHA1
675562023a4fb00681be4c012fe363335d916ec2
-
SHA256
e75f2c4950175371c8d557afa255bf05e3ba8f34d8d8c9d9aef04d408c88d5f3
-
SHA512
e17695d6a0796e7321a4d54731c20cf3b09e2a5b25f4a4141fd0b4be0493bb35836e8051e2cb4fa91bf1755381a7c16a4d31f0e11dd7b9c28edd187af919595f
-
SSDEEP
6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-