General

Target: build.exe
Size: 300KB
Sample: 240510-ttxz8see61
MD5: 28b24806b436275c94a501ea65b311be
SHA1: b538826ce122b751b757b5f2ffbe9b11de11d3cb
SHA256: c9afe14c78c409a1b0c9f443cfa7abf1d31a5f2258642bfdc9ad4afc248d713e
SHA512: d211000197930d3030826d7e31f7de6ed3249e514488c8cd03522c3becb0141f792b29ec58f69f9f15c15382f41fcb85cfda7f421697e209762215bbe6fe1afd
SSDEEP: 3072:+cZqf7D341p/0+mAQkygQAQEgTLB1fA0PuTVAtkxzr3RQeqiOL2bBOA:+cZqf7DIvnyzjB1fA0GTV8kNwL
Behavioral task: behavioral1

Sample: build.exe
Resource: win7-20240221-en

Malware Config

Extracted family: redline
Botnet: Main
C2: 37.1.36.185:1912
Targets

Target: build.exe
Size: 300KB
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.