General

Target: cc03430547aeb57a48bea8b42166aa5d67fa03097c8e6.exe
Size: 1.1MB
Sample: 240706-cjebpssfmp
MD5: 4ac5de9d55c788c81412dcf74816b202
SHA1: 16fbfc093f8bc4ba382bcbf52361cc8acfe4c2a4
SHA256: cc03430547aeb57a48bea8b42166aa5d67fa03097c8e6e1db055e30dc27e9baf
SHA512: 3aac7dcca7baa365788d4829c9374054bb614da65fe81cf70deb8b22eec91f99b0fae87baabe13b2228ea7c3961200142aad8f875608bd8dcfa534e9fe18efc5
SSDEEP: 24576:CBWD95o5+hFcG4fVdx8Wx9YPt0Sx611O4sAG8y1:CBWgp3p2trxM1v/G51
Static task: static1

Behavioral task: behavioral1
Sample: cc03430547aeb57a48bea8b42166aa5d67fa03097c8e6.exe
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: cc03430547aeb57a48bea8b42166aa5d67fa03097c8e6.exe
Resource: win10v2004-20240704-en
Malware Config

Extracted
Family: redline
Botnet: crackcloud
C2: 94.156.67.140:31957
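The extracted config gives the two indicators worth sweeping for immediately: the sample hashes and the C2 endpoint. The script below is an added example (not the sandbox's own tooling) that hashes files against the report's digests and runs the C2 address over flattened Sysmon Event ID 3 records; the log lines are constructed for the demonstration and the key=value layout is an assumption about your log pipeline.

```python
"""IOC sweep for the sample in this report (added example; not part of the
sandbox's own tooling). The hashes and C2 endpoint are copied from the report
above; the Sysmon log lines are constructed for the demonstration."""
import hashlib
import re
import sys

# Indicators taken from the report above.
SAMPLE_HASHES = {
    "md5": "4ac5de9d55c788c81412dcf74816b202",
    "sha1": "16fbfc093f8bc4ba382bcbf52361cc8acfe4c2a4",
    "sha256": "cc03430547aeb57a48bea8b42166aa5d67fa03097c8e6e1db055e30dc27e9baf",
}
C2_IP, C2_PORT = "94.156.67.140", 31957


def digest_bytes(data):
    """md5/sha1/sha256 of an in-memory buffer, as lowercase hex."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def file_digests(path):
    """Same three digests for a file, streamed so large files are not read into memory."""
    digests = {name: hashlib.new(name) for name in SAMPLE_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for d in digests.values():
                d.update(chunk)
    return {name: d.hexdigest() for name, d in digests.items()}


def is_sample(digests):
    """True when every algorithm present in both dicts agrees with the report's hashes.

    Requiring agreement on all shared algorithms (rather than any one) means a
    single colliding MD5 cannot produce a false positive."""
    shared = set(digests) & set(SAMPLE_HASHES)
    return bool(shared) and all(digests[k].lower() == SAMPLE_HASHES[k] for k in shared)


# Constructed, flattened Sysmon Event ID 3 (NetworkConnect) records. The real
# layout depends on your log pipeline; adjust FIELD_RE to match it.
SAMPLE_LOG = r"""
EventID=3 Image=C:\Users\victim\Downloads\invoice.exe DestinationIp=94.156.67.140 DestinationPort=31957 Protocol=tcp
EventID=3 Image=C:\Program Files\Mozilla Firefox\firefox.exe DestinationIp=142.250.74.78 DestinationPort=443 Protocol=tcp
EventID=3 Image=C:\Windows\System32\svchost.exe DestinationIp=94.156.67.140 DestinationPort=80 Protocol=tcp
EventID=1 Image=C:\Users\victim\Downloads\invoice.exe CommandLine=invoice.exe
""".strip()

# key=value pairs where a value may contain spaces (e.g. "Program Files"):
# a value runs until the next " key=" or the end of the line.
FIELD_RE = re.compile(r"(\w+)=(.*?)(?=\s+\w+=|\s*$)")


def parse_event(line):
    return dict(FIELD_RE.findall(line))


def c2_connections(log_text):
    """(image, port, confidence) for every Sysmon network event to the C2 address.

    An exact ip:port match is high confidence; the IP alone is only medium,
    since RedLine operators rotate ports and hosting IPs get reused."""
    hits = []
    for line in log_text.splitlines():
        ev = parse_event(line)
        if ev.get("EventID") != "3" or ev.get("DestinationIp") != C2_IP:
            continue
        port = int(ev.get("DestinationPort", 0))
        hits.append((ev.get("Image"), port, "high" if port == C2_PORT else "medium"))
    return hits


if __name__ == "__main__":
    # Usage: python ioc_sweep.py [file ...]  (each file is hashed and compared)
    for path in sys.argv[1:]:
        print(path, "MATCHES SAMPLE" if is_sample(file_digests(path)) else "clean")
    for image, port, conf in c2_connections(SAMPLE_LOG):
        print(f"{conf:6} {image} -> {C2_IP}:{port}")
```

Hash matching requires every shared digest to agree, so a lone MD5 hit (MD5 is collision-prone) is not enough on its own; the network check deliberately reports IP-only matches at lower confidence rather than dropping them, because the port in a RedLine config is operator-chosen and changes between builds.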
Targets

Target: cc03430547aeb57a48bea8b42166aa5d67fa03097c8e6.exe
Size: 1.1MB

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up entries under the registry's Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, plus its WOW6432Node and per-user counterparts) to enumerate the software installed on the system.
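The Uninstall-key enumeration above is ordinary behaviour for an installer reading its own entry, so what distinguishes a stealer's software inventory is one process walking many entries. The heuristic below is an added example (not the sandbox's detection logic): it normalises native-form registry paths and counts distinct Uninstall entries per process. The audit records are constructed; their field names follow Windows Security event 4663, which only reports registry reads if a SACL auditing those accesses has been placed on the Uninstall keys.

```python
"""Heuristic for "enumerates installed software via the Uninstall key"
(added example; not the sandbox's own detection logic). Audit records below
are constructed; field names follow Security event 4663, which reports
registry reads only when a SACL covering them is set on the Uninstall keys."""
import re
from collections import defaultdict

# Native-form registry paths as 4663 reports them. Covers HKLM (including the
# WOW6432Node view used by 32-bit code on 64-bit Windows) and per-user hives.
UNINSTALL_RE = re.compile(
    r"^\\REGISTRY\\(MACHINE|USER\\[^\\]+)\\SOFTWARE\\(?:WOW6432NODE\\)?"
    r"MICROSOFT\\WINDOWS\\CURRENTVERSION\\UNINSTALL(?:\\([^\\]+)(?:\\.*)?)?$",
    re.IGNORECASE,
)


def uninstall_subkey(object_name):
    """(hive, entry) if object_name is an Uninstall key or one of its entries, else None.

    hive is "HKLM" or "HKU:<sid>"; entry is None when only the parent key was opened."""
    m = UNINSTALL_RE.match(object_name)
    if not m:
        return None
    hive = "HKLM" if m.group(1).upper() == "MACHINE" else "HKU:" + m.group(1).split("\\", 1)[1]
    return hive, m.group(2)


def enumeration_hits(events, min_entries=5):
    """Map process -> number of distinct Uninstall entries it read, for every
    process that read at least min_entries of them.

    The native and WOW6432Node views of the same product are counted once.
    Tune min_entries and allowlist inventory agents for your environment."""
    seen = defaultdict(set)
    for ev in events:
        hit = uninstall_subkey(ev["ObjectName"])
        if hit is None or hit[1] is None:
            continue  # not an Uninstall key, or only the parent key was opened
        hive, entry = hit
        seen[ev["ProcessName"]].add((hive, entry.lower()))
    return {proc: len(keys) for proc, keys in seen.items() if len(keys) >= min_entries}


# Constructed 4663-style records (all values made up for this example).
HKLM_UNINSTALL = r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
WOW_UNINSTALL = r"\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"
HKU_UNINSTALL = r"\REGISTRY\USER\S-1-5-21-1-2-3-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
SUSPECT = r"C:\Users\victim\Downloads\invoice.exe"
EVENTS = [
    {"ProcessName": SUSPECT, "ObjectName": HKLM_UNINSTALL, "Accesses": "Enumerate sub-keys"},
    {"ProcessName": SUSPECT, "ObjectName": HKLM_UNINSTALL + r"\7-Zip", "Accesses": "Query key value"},
    {"ProcessName": SUSPECT, "ObjectName": WOW_UNINSTALL + r"\7-Zip", "Accesses": "Query key value"},
    {"ProcessName": SUSPECT, "ObjectName": HKLM_UNINSTALL + r"\Google Chrome", "Accesses": "Query key value"},
    {"ProcessName": SUSPECT, "ObjectName": HKLM_UNINSTALL + r"\Mozilla Firefox (x64 en-US)", "Accesses": "Query key value"},
    {"ProcessName": SUSPECT, "ObjectName": HKLM_UNINSTALL + r"\Notepad++", "Accesses": "Query key value"},
    {"ProcessName": SUSPECT, "ObjectName": HKU_UNINSTALL + r"\Discord", "Accesses": "Query key value"},
    # An installer touching only its own entry, and an unrelated key read.
    {"ProcessName": r"C:\Windows\System32\msiexec.exe", "ObjectName": HKLM_UNINSTALL + r"\{00000000-0000-0000-0000-000000000001}", "Accesses": "Query key value"},
    {"ProcessName": r"C:\Windows\explorer.exe", "ObjectName": r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run", "Accesses": "Query key value"},
]


if __name__ == "__main__":
    for proc, count in enumeration_hits(EVENTS).items():
        print(f"{proc} read {count} distinct Uninstall entries")
```

Sysmon does not log registry reads (its Event IDs 12/13/14 cover key and value creation, deletion and renames), so this check depends on object-access auditing being enabled for the Uninstall keys; without that, the fallback is the sandbox verdict above or memory-side detection of the payload itself.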