General
Target: d88b3c5f44d54889c0a234c0eba8772063f09081f99cfb9b5a631640e2524237
Size: 306KB
Sample: 240424-sqlblacc73
MD5: 4de5db45e2adf75a550cf2d223385427
SHA1: b831a8df359a508a9794a41e8eb1a5f271cea72a
SHA256: d88b3c5f44d54889c0a234c0eba8772063f09081f99cfb9b5a631640e2524237
SHA512: e0865d323bf6ac213ffc15a145eaf60e95e4a4ec50659a0805effb6fbc83a046cc1283eef85fb7f8f214bdb3fe280a2113241f3de7f70582576154c53f4b7e32
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task: behavioral1
Sample: d88b3c5f44d54889c0a234c0eba8772063f09081f99cfb9b5a631640e2524237.exe
Resource: win10v2004-20240226-en

Malware Config
Extracted
Family: redline
Botnet: spoo
C2: 103.113.70.99:2630
Targets
Target: d88b3c5f44d54889c0a234c0eba8772063f09081f99cfb9b5a631640e2524237
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
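As an added example (not part of the sandbox report, and not RedLine's own code), the following Python sweeps for the two kinds of indicator this report provides: the extracted C2 endpoint 103.113.70.99:2630 and the sample's MD5/SHA1/SHA256. The log format (Zeek-style conn.log columns), the file inventory rows, and the helper names are assumptions constructed for the example; adapt the column positions to your own telemetry.

```python
"""IOC sweep for the RedLine sample described in this report.

Added example, not the sandbox's or RedLine's code. Log format, inventory
rows and helper names are constructed assumptions for illustration.
"""
import hashlib
import ipaddress
from typing import Iterable, Optional

# Indicators taken from the report above.
C2_HOST = ipaddress.ip_address("103.113.70.99")
C2_PORT = 2630
SAMPLE_HASHES = {
    "md5": "4de5db45e2adf75a550cf2d223385427",
    "sha1": "b831a8df359a508a9794a41e8eb1a5f271cea72a",
    "sha256": "d88b3c5f44d54889c0a234c0eba8772063f09081f99cfb9b5a631640e2524237",
}

# Constructed Zeek-style conn.log records. Column order is an assumption of
# this example: ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto.
CONSTRUCTED_CONN_LOG = [
    "1713900001.1\tCabc1\t10.0.0.12\t51234\t142.250.72.14\t443\ttcp",
    "1713900005.4\tCabc2\t10.0.0.12\t51250\t103.113.70.99\t2630\ttcp",
    "1713900009.0\tCabc3\t10.0.0.33\t51301\t103.113.70.99\t80\ttcp",
    "1713900011.7\tCabc4\t10.0.0.45\t51302\t103.113.70.9\t2630\ttcp",
    "1713900013.2\tCabc5\t10.0.0.45\t51303\tnot-an-ip\t2630\ttcp",
]

# Constructed file inventory rows (path, algorithm, hex digest), the shape an
# EDR hash export typically has. Mixed case is deliberate.
CONSTRUCTED_INVENTORY = [
    (r"C:\Users\a\Downloads\setup.exe", "SHA256",
     "D88B3C5F44D54889C0A234C0EBA8772063F09081F99CFB9B5A631640E2524237"),
    (r"C:\Users\a\Downloads\notes.txt", "SHA256",
     "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"),
    (r"C:\Windows\Temp\x.bin", "MD5", "4de5db45e2adf75a550cf2d223385427"),
]


def parse_conn_line(line: str) -> Optional[dict]:
    """Parse one tab-separated record; return None for a malformed line so a
    bad row cannot abort the whole sweep."""
    fields = line.rstrip("\n").split("\t")
    if len(fields) < 7:
        return None
    try:
        return {
            "ts": float(fields[0]),
            "uid": fields[1],
            "orig_h": ipaddress.ip_address(fields[2]),
            "orig_p": int(fields[3]),
            "resp_h": ipaddress.ip_address(fields[4]),
            "resp_p": int(fields[5]),
            "proto": fields[6],
        }
    except ValueError:
        return None


def find_c2_connections(lines: Iterable[str]):
    """Split hits into exact host:port matches (high confidence) and host-only
    matches (same C2 host, other port: worth triage, since the extracted
    config only records the port in use at analysis time)."""
    exact, host_only = [], []
    for line in lines:
        rec = parse_conn_line(line)
        # Compare parsed addresses, not string prefixes: "103.113.70.9"
        # must not be reported as a hit for "103.113.70.99".
        if rec is None or rec["resp_h"] != C2_HOST:
            continue
        (exact if rec["resp_p"] == C2_PORT else host_only).append(rec)
    return exact, host_only


def match_hash_inventory(rows):
    """Return (path, algorithm) for every row whose digest equals the
    sample's hash for that algorithm; digests are lower-cased first."""
    hits = []
    for path, algo, digest in rows:
        algo = algo.strip().lower()
        if SAMPLE_HASHES.get(algo) == digest.strip().lower():
            hits.append((path, algo))
    return hits


def hashes_of(data: bytes) -> dict:
    """Compute the three report hashes for a blob, so a file pulled from a
    host can be fed through match_hash_inventory in the same shape."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


if __name__ == "__main__":
    exact, host_only = find_c2_connections(CONSTRUCTED_CONN_LOG)
    for rec in exact:
        print(f"C2 beacon: {rec['uid']} {rec['orig_h']} -> {rec['resp_h']}:{rec['resp_p']}")
    for rec in host_only:
        print(f"C2 host, other port: {rec['uid']} -> {rec['resp_h']}:{rec['resp_p']}")
    for path, algo in match_hash_inventory(CONSTRUCTED_INVENTORY):
        print(f"sample hash match ({algo}): {path}")
```

Host comparison is done on parsed address objects rather than string prefixes, which is the usual mistake in quick IOC greps; host-only hits are reported separately because the config in this report pins the port only as of the analysis run, and a malformed row is skipped rather than allowed to abort the sweep.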