General
- Target: 52c577f7b3d48d2c38fbe75615acd65756ac6d234125129824db4f902c90905b
- Size: 306KB
- Sample: 240424-rg1jgsbc52
- MD5: 15f965db1341008df96145eaf9ab1d78
- SHA1: 3bd2143c8def37fbb5a16ef2405abf83db69a6d8
- SHA256: 52c577f7b3d48d2c38fbe75615acd65756ac6d234125129824db4f902c90905b
- SHA512: c5d934ed1f30084ed1deb7e72b2199e59143534b1457b192bce8be5c6f352afb6074c04c8a53655b22a7e64ce587d50731a2a51c074f3db08bdc890f2601d049
- SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/

Behavioral task
- Task: behavioral1
- Sample: 52c577f7b3d48d2c38fbe75615acd65756ac6d234125129824db4f902c90905b.exe
- Resource: win10v2004-20240412-en

Malware Config
- Extracted family: redline
- Botnet: spoo
- C2: 103.113.70.99:2630
Targets
- Target: 52c577f7b3d48d2c38fbe75615acd65756ac6d234125129824db4f902c90905b (306KB; hashes identical to the General section)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.