General
Target: aaf4878f64251b4aed2147b53a8539bf311338c9f7703a2ddad3dcb56d6e227d
Size: 686KB
Sample: 240708-klrc2stclf
MD5: a5fe32c947b45855a82399c6e1fde0ec
SHA1: ac4c81d83553d71ec68e7033ed3a9a102318fd30
SHA256: aaf4878f64251b4aed2147b53a8539bf311338c9f7703a2ddad3dcb56d6e227d
SHA512: d69d6573082dbc5eb26fc79cdc165f44c3ce76c774b18157c2657bac6efc5cbf30d1f46696348a0932936056385676d6e728c442ff6980278f4169aaa9397e09
SSDEEP: 12288:Btd/F2/bjA7/kkRRBK1TMeLNNv0ZgcE295mp2ldeTNDrJ/JRNFVmq:t8/Pevo14evJ2rq2zKND9J7FVmq
Static task: static1
Behavioral task: behavioral1
  Sample: cc03430547aeb57a48bea8b42166aa5d67fa03097c8e6e1db055e30dc27e9baf.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: cc03430547aeb57a48bea8b42166aa5d67fa03097c8e6e1db055e30dc27e9baf.exe
  Resource: win10v2004-20240704-en
Malware Config
Extracted
redline
crackcloud
94.156.67.140:31957
Targets
Target: cc03430547aeb57a48bea8b42166aa5d67fa03097c8e6e1db055e30dc27e9baf.exe
Size: 1.1MB
MD5: 4ac5de9d55c788c81412dcf74816b202
SHA1: 16fbfc093f8bc4ba382bcbf52361cc8acfe4c2a4
SHA256: cc03430547aeb57a48bea8b42166aa5d67fa03097c8e6e1db055e30dc27e9baf
SHA512: 3aac7dcca7baa365788d4829c9374054bb614da65fe81cf70deb8b22eec91f99b0fae87baabe13b2228ea7c3961200142aad8f875608bd8dcfa534e9fe18efc5
SSDEEP: 24576:CBWD95o5+hFcG4fVdx8Wx9YPt0Sx611O4sAG8y1:CBWgp3p2trxM1v/G51
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.