General
-
Target
565dccd2ee83837ae2c8886fdcf4e56a5b856d00f8f01d2693277f757e16e8ca
-
Size
306KB
-
Sample
240424-rqch1sbd68
-
MD5
cee51e601bf170ef43066f39376a0b57
-
SHA1
4f465632691fd15a1ee1cc6ff0476a6ae248c613
-
SHA256
565dccd2ee83837ae2c8886fdcf4e56a5b856d00f8f01d2693277f757e16e8ca
-
SHA512
9150041e800dff07b3fedd0d423405678093f42a3505f7deafc61ea2818e470cd6759ee0039704d5c2fc95f85c9dd1b23802494ddde133829f9a6d11296b1ab2
-
SSDEEP
6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task
behavioral1
Sample
565dccd2ee83837ae2c8886fdcf4e56a5b856d00f8f01d2693277f757e16e8ca.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
redline
spoo
103.113.70.99:2630
Targets
-
-
Target
565dccd2ee83837ae2c8886fdcf4e56a5b856d00f8f01d2693277f757e16e8ca
-
Size
306KB
-
MD5
cee51e601bf170ef43066f39376a0b57
-
SHA1
4f465632691fd15a1ee1cc6ff0476a6ae248c613
-
SHA256
565dccd2ee83837ae2c8886fdcf4e56a5b856d00f8f01d2693277f757e16e8ca
-
SHA512
9150041e800dff07b3fedd0d423405678093f42a3505f7deafc61ea2818e470cd6759ee0039704d5c2fc95f85c9dd1b23802494ddde133829f9a6d11296b1ab2
-
SSDEEP
6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-