General
Target: c1c4559afcf94b6134fad4507537eced00e44d77000ec17b61352439558c5b43.exe
Size: 541KB
Sample: 240426-bxfk9agh9v
MD5: b3dde3d29de6b58cd247ccd2193e4ced
SHA1: 2a1b433479743a064c3fb8a46d3b677c1af4a115
SHA256: c1c4559afcf94b6134fad4507537eced00e44d77000ec17b61352439558c5b43
SHA512: 9ae939e2bea12f3634afed17c6b82e55f72ad7ed77197927312e86d0296f7dc7d8528ca743c6fffe2e0ce88fb80030f2cb704e4e4b3b6a324adc855ac50d635f
SSDEEP: 12288:RAamDBG+MlCU9lcN3CNIb88WsNMP5F1k:RRlC2W3CNIb88WsNMhF
Behavioral task: behavioral1
Sample: c1c4559afcf94b6134fad4507537eced00e44d77000ec17b61352439558c5b43.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: c1c4559afcf94b6134fad4507537eced00e44d77000ec17b61352439558c5b43.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: c1c4559afcf94b6134fad4507537eced00e44d77000ec17b61352439558c5b43.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.