General
Target: 5bafdfded11c6fcbee0b5073018ceadcf52d3ebadc375082a73572e192ee06bf
Size: 306KB
Sample: 240424-scksxaca23
MD5: afc713b1e5099669cae7ebb7bcac181d
SHA1: 6afe65b171a7a9d34aaaa958ef275d3e0e35d3af
SHA256: 5bafdfded11c6fcbee0b5073018ceadcf52d3ebadc375082a73572e192ee06bf
SHA512: e93e6ffdbd20f0969f073fcd93a02c22b81bdbde952e2f97ae32b6a1f80099aec59aadae1eaa2f5377844ddd2938dca728f510ce23f0dede7370ea5b238fb679
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task: behavioral1
Sample: 5bafdfded11c6fcbee0b5073018ceadcf52d3ebadc375082a73572e192ee06bf.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
Family: redline
Botnet: spoo
C2: 103.113.70.99:2630
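The extracted configuration above is the most actionable part of the report: the C2 endpoint and the botnet label are what get turned into network indicators. The following Python is an added example, not the sandbox's code, that parses the three extracted lines (family, botnet id, then one or more host:port C2 entries, which is the layout shown above) into a structured record, validates the host and port, emits a Suricata rule per IP-based C2, and checks a connection tuple against the list. The Suricata message text, the sid base and the input layout beyond what the report shows are assumptions.

```python
"""Turn a 'Malware Config / Extracted' block into network IOCs.

Added example; not code from the sandbox vendor or the malware family.
The input below is constructed from the report's three extracted lines.
"""
import ipaddress
import re

# Constructed input: the extracted-config lines as printed in the report.
EXTRACTED = """\
redline
spoo
103.113.70.99:2630
"""

HOSTPORT_RE = re.compile(r"^(?P<host>[^:\s]+):(?P<port>\d{1,5})$")


def parse_c2(entry: str) -> dict:
    """Split 'host:port' and classify the host as an IPv4 literal or a domain."""
    m = HOSTPORT_RE.match(entry.strip())
    if not m:
        raise ValueError(f"not a host:port entry: {entry!r}")
    host, port = m.group("host"), int(m.group("port"))
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {port}")
    try:
        ipaddress.IPv4Address(host)
        kind = "ipv4"
    except ipaddress.AddressValueError:
        kind = "domain"
    return {"host": host, "port": port, "kind": kind}


def parse_extracted(block: str) -> dict:
    """Assumed layout: family, botnet id, then one C2 entry per line."""
    lines = [ln.strip() for ln in block.splitlines() if ln.strip()]
    if len(lines) < 3:
        raise ValueError("expected family, botnet and at least one c2 line")
    family, botnet, *c2s = lines
    return {"family": family.lower(), "botnet": botnet, "c2": [parse_c2(c) for c in c2s]}


def suricata_rules(cfg: dict, sid_base: int = 1000001) -> list:
    """One Suricata rule per IPv4 C2; a domain C2 would need a dns/tls rule instead."""
    rules = []
    for i, c2 in enumerate(cfg["c2"]):
        if c2["kind"] != "ipv4":
            continue
        msg = f"{cfg['family']} C2 ({cfg['botnet']})"
        rules.append(
            f'alert tcp $HOME_NET any -> {c2["host"]} {c2["port"]} '
            f'(msg:"{msg}"; flow:to_server; sid:{sid_base + i}; rev:1;)'
        )
    return rules


def matches_c2(cfg: dict, dst_ip: str, dst_port: int) -> bool:
    """Check a single destination tuple (e.g. from netflow) against the C2 list."""
    return any(c["host"] == dst_ip and c["port"] == dst_port for c in cfg["c2"])


if __name__ == "__main__":
    cfg = parse_extracted(EXTRACTED)
    print(cfg)
    for rule in suricata_rules(cfg):
        print(rule)
```

The port check matters because RedLine C2s routinely sit on non-standard ports (2630 here), so a rule keyed on the port as well as the address avoids matching unrelated traffic to a shared host.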
Targets
Target: 5bafdfded11c6fcbee0b5073018ceadcf52d3ebadc375082a73572e192ee06bf (306KB; hashes identical to the General section above)
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload: RedLine payload detected.
Accesses cryptocurrency files/wallets, possible credential harvesting.
Checks installed software on the system: looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate installed software, a host-profiling step that precedes collection and exfiltration.
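The two behaviors above, enumerating installed software via the Uninstall keys and reading wallet stores, are individually noisy (installers and inventory agents read the Uninstall key, backup tools read wallet directories) but rarely occur together in one unprivileged process. The following Python is an added detection example, not code from the report or from any EDR; it runs over constructed event records in an assumed normalised form (ts, pid, image, kind, path), correlates both behaviors per process within a time window, and skips an assumed allowlist of installer/inventory processes. The wallet paths are illustrative examples of well-known store locations, not an exhaustive list.

```python
"""Correlate Uninstall-key enumeration with wallet-file access per process.

Added example, not part of the sandbox report. Event records are
constructed; the field names are an assumed normalised telemetry shape.
"""
import re
from collections import defaultdict

UNINSTALL_KEY_RE = re.compile(
    r"\\SOFTWARE\\(WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)",
    re.IGNORECASE,
)

# Illustrative wallet store locations (Exodus, Electrum, Atomic); extend as needed.
WALLET_PATH_RE = re.compile(
    r"\\AppData\\Roaming\\(Exodus\\exodus\.wallet|Electrum\\wallets|atomic\\Local Storage\\leveldb)",
    re.IGNORECASE,
)

# Assumed allowlist of processes that legitimately read the Uninstall key.
ALLOWLIST = {"msiexec.exe", "svchost.exe", "explorer.exe", "wmiprvse.exe"}

SAMPLE = "C:\\Users\\bob\\AppData\\Local\\Temp\\5bafdfded11c6fcbee0b5073018ceadcf52d3ebadc375082a73572e192ee06bf.exe"
UNINST = "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\"
ROAMING = "C:\\Users\\bob\\AppData\\Roaming\\"

# Constructed telemetry: one stealer-like process, one installer, one benign process.
EVENTS = [
    {"ts": 100, "pid": 4120, "image": SAMPLE, "kind": "registry_query", "path": UNINST + "7-Zip"},
    {"ts": 101, "pid": 4120, "image": SAMPLE, "kind": "registry_query", "path": UNINST + "Google Chrome"},
    {"ts": 120, "pid": 4120, "image": SAMPLE, "kind": "file_read", "path": ROAMING + "Exodus\\exodus.wallet\\seed.seco"},
    {"ts": 130, "pid": 4120, "image": SAMPLE, "kind": "file_read", "path": ROAMING + "Electrum\\wallets\\default_wallet"},
    {"ts": 140, "pid": 2200, "image": "C:\\Windows\\System32\\msiexec.exe", "kind": "registry_query", "path": UNINST + "7-Zip"},
    {"ts": 150, "pid": 3300, "image": "C:\\Windows\\System32\\notepad.exe", "kind": "registry_query", "path": UNINST + "7-Zip"},
    {"ts": 151, "pid": 3300, "image": "C:\\Windows\\System32\\notepad.exe", "kind": "file_read", "path": "C:\\Users\\bob\\Documents\\notes.txt"},
]


def classify(event: dict):
    """Tag an event as 'software_enum', 'wallet_access' or None."""
    if event["kind"] == "registry_query" and UNINSTALL_KEY_RE.search(event["path"]):
        return "software_enum"
    if event["kind"] == "file_read" and WALLET_PATH_RE.search(event["path"]):
        return "wallet_access"
    return None


def correlate(events: list, window: int = 300) -> list:
    """Alert on non-allowlisted processes showing both behaviors within `window` seconds."""
    by_pid = defaultdict(lambda: {"image": None, "software_enum": [], "wallet_access": []})
    for ev in events:
        tag = classify(ev)
        if tag is None:
            continue
        rec = by_pid[ev["pid"]]
        rec["image"] = ev["image"]
        rec[tag].append(ev["ts"])

    alerts = []
    for pid, rec in by_pid.items():
        name = rec["image"].rsplit("\\", 1)[-1].lower()
        if name in ALLOWLIST:
            continue
        if not (rec["software_enum"] and rec["wallet_access"]):
            continue
        stamps = rec["software_enum"] + rec["wallet_access"]
        if max(stamps) - min(stamps) > window:
            continue
        alerts.append({
            "pid": pid,
            "image": rec["image"],
            "uninstall_queries": len(rec["software_enum"]),
            "wallet_reads": len(rec["wallet_access"]),
        })
    return alerts


if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print(alert)
```

One caveat on the telemetry: Sysmon records registry key creation and value writes, not reads, so the registry_query events assumed here need either an EDR that reports registry queries or object-access auditing (Security event 4663) with a SACL on the Uninstall key; the same applies to file reads of the wallet directories.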