General
Target: 9fdf5553dce86620266526f9b24f51ad948a86d73a44416789081842fbc55f23
Size: 306KB
Sample: 240424-sft6raca85
MD5: 60f1f4c777302c8386eaa50bf543f893
SHA1: 33d153574913d175483b0820ded5a040dfd11ab1
SHA256: 9fdf5553dce86620266526f9b24f51ad948a86d73a44416789081842fbc55f23
SHA512: ee20effd193ae345c1188f3cd2a1eb6295d96b72991cdcf72d5ee09aee83f3759ac7bb45efc13c099ff370b15121c9c02a80e80a81ec24240046eb6958cfe08b
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task: behavioral1
Sample: 9fdf5553dce86620266526f9b24f51ad948a86d73a44416789081842fbc55f23.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted family: redline
Botnet: spoo
C2: 103.113.70.99:2630
Targets
Target: 9fdf5553dce86620266526f9b24f51ad948a86d73a44416789081842fbc55f23
Size: 306KB
MD5: 60f1f4c777302c8386eaa50bf543f893
SHA1: 33d153574913d175483b0820ded5a040dfd11ab1
SHA256: 9fdf5553dce86620266526f9b24f51ad948a86d73a44416789081842fbc55f23
SHA512: ee20effd193ae345c1188f3cd2a1eb6295d96b72991cdcf72d5ee09aee83f3759ac7bb45efc13c099ff370b15121c9c02a80e80a81ec24240046eb6958cfe08b
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020. It is sold as a service to operators, and each build carries its own configuration; the botnet name and C2 address listed under Malware Config are what the sandbox extracted from this sample.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart, and the HKCU equivalent) to enumerate the software installed on the system.
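As an added example (not part of the sandbox report, and neither RedLine's nor the sandbox's own code), the Python below turns the report's indicators into three triage checks: confirming that a file on disk is the same sample the report describes, finding hosts that connected to the extracted C2 in firewall logs, and flagging a process that walks the Uninstall registry key the way the last signature describes. The hashes and C2 are copied from the report; the sample bytes, the firewall log format, the API-trace format and the process IDs are constructed for the demonstration and are not from the page.

```python
"""Triage checks built from the RedLine report above (added example).

Hashes and C2 are copied from the report.  SAMPLE_BYTES, the log and
API-trace line formats and the process IDs are constructed for the demo.
"""
import hashlib
import re

# Indicators copied from the report.
REPORT_HASHES = {
    "md5": "60f1f4c777302c8386eaa50bf543f893",
    "sha1": "33d153574913d175483b0820ded5a040dfd11ab1",
    "sha256": "9fdf5553dce86620266526f9b24f51ad948a86d73a44416789081842fbc55f23",
    "sha512": "ee20effd193ae345c1188f3cd2a1eb6295d96b72991cdcf72d5ee09aee83f3759ac7bb45efc13c099ff370b15121c9c02a80e80a81ec24240046eb6958cfe08b",
}
REPORT_C2 = ("103.113.70.99", 2630)


def hash_bytes(data: bytes) -> dict:
    """All four digests the report lists, keyed the same way."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORT_HASHES}


def verify_sample(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm match flags, so a mismatch shows which digest disagreed.
    Case-insensitive: the report prints lower-case hex, pasted IOCs often not."""
    actual = hash_bytes(data)
    return {alg: actual[alg] == digest.lower() for alg, digest in expected.items()}


# Constructed firewall log format: "<ts> <action> src=<ip>:<port> dst=<ip>:<port>".
FLOW_RE = re.compile(r"src=(?P<sip>[\d.]+):(?P<sport>\d+)\s+dst=(?P<dip>[\d.]+):(?P<dport>\d+)")


def find_c2_connections(log_lines, c2=REPORT_C2) -> list:
    """Source IPs that connected to the C2.  Fields are parsed and compared
    whole, so 103.113.70.9:2630 or 103.113.70.99:26300 are not counted as hits."""
    hits = []
    for line in log_lines:
        m = FLOW_RE.search(line)
        if m and m["dip"] == c2[0] and int(m["dport"]) == c2[1]:
            hits.append(m["sip"])
    return hits


# Constructed API-trace format: "pid=<n> api=Reg... key=<path> [value=<name>]".
API_RE = re.compile(r"pid=(?P<pid>\d+)\s+api=Reg(?:OpenKey|QueryValue|EnumKey)\w*\s+key=(?P<key>\S+)")
# Per-product subkeys under the Uninstall key; the pattern is hive-agnostic, so
# it covers HKLM, the WOW6432Node path and HKCU, case-insensitively.
UNINSTALL_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\(?P<entry>[^\\\s]+)", re.IGNORECASE)


def flag_software_enumeration(trace_lines, threshold: int = 3) -> dict:
    """{pid: sorted distinct Uninstall entries} for processes touching at least
    `threshold` distinct entries.  One lookup (an installer checking for itself)
    stays below the bar; walking the whole key, as the signature describes, does not."""
    per_pid = {}
    for line in trace_lines:
        m = API_RE.search(line)
        if not m:
            continue
        u = UNINSTALL_RE.search(m["key"])
        if u:
            per_pid.setdefault(int(m["pid"]), set()).add(u["entry"].lower())
    return {pid: sorted(e) for pid, e in per_pid.items() if len(e) >= threshold}


# Constructed inputs for the demo run (not real sample bytes or real logs).
SAMPLE_BYTES = b"MZ placeholder bytes, not the real sample\n"
FLOW_LOG = [
    "2024-04-24T15:02:11Z ALLOW src=10.0.0.15:49812 dst=103.113.70.99:2630",
    "2024-04-24T15:02:12Z ALLOW src=10.0.0.15:49813 dst=203.0.113.10:443",
    "2024-04-24T15:03:40Z ALLOW src=10.0.0.22:51002 dst=103.113.70.99:2630",
    "2024-04-24T15:03:41Z ALLOW src=10.0.0.22:51003 dst=103.113.70.99:26300",
    "2024-04-24T15:03:42Z ALLOW src=10.0.0.22:51004 dst=103.113.70.9:2630",
]
REG_TRACE = [
    r"pid=4120 api=RegOpenKeyExW key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
    r"pid=4120 api=RegEnumKeyExW key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"pid=4120 api=RegQueryValueExW key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip value=DisplayName",
    r"pid=4120 api=RegQueryValueExW key=HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++ value=DisplayName",
    r"pid=4120 api=RegQueryValueExW key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Git_is1 value=DisplayVersion",
    r"pid=6008 api=RegQueryValueExW key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip value=DisplayName",
]

if __name__ == "__main__":
    print("matches report hashes:", verify_sample(SAMPLE_BYTES))
    print("hosts that reached the C2:", find_c2_connections(FLOW_LOG))
    print("pids walking the Uninstall key:", flag_software_enumeration(REG_TRACE))
```

Run as-is, the hash check reports every algorithm as a mismatch (the placeholder bytes are not the sample), the flow scan returns the two internal hosts that really reached 103.113.70.99:2630 and ignores the near-miss port and near-miss address, and only pid 4120 is flagged for the registry walk; pid 6008's single lookup stays under the threshold. Replace SAMPLE_BYTES with the bytes of the file you were handed before spending analysis time on it.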