General
Target: build.exe
Size: 300KB
Sample: 240706-e83rpsybpd
MD5: d9b62efdcd79eaaa10970523ee9c43bd
SHA1: e4e1922e10895b250450c9b69246f55f71ea0fb3
SHA256: 057e8f24fa437c39261dfdea79f080ac531753e2edb701bbfaf2a16910675673
SHA512: e68372ba27b12372e18544aa8ded857b34bd866e5909125a5f62b120c525a38271052da6c2384a703a6d88fe92b3b9020a612bd00abea5529ff1cb15da9efe92
SSDEEP: 3072:OcZqf7D34cp/0+mAgkygC+QQEgefB1fA0PuTVAtkxzB3RgeqiOL2bBOA:OcZqf7DIknY+joB1fA0GTV8kngL
Behavioral task: behavioral1
Sample: build.exe
Resource: win7-20240220-en

Malware Config
Extracted (redline): GameTrash, 213.219.199.48:1912
Targets
Target: build.exe
Signatures
RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.