General
Target: build630506.packed.exe
Size: 120KB
Sample: 250701-f8m7pasmt7
MD5: d0fa0804683736f614948a96d40a546b
SHA1: bcdf0b8eebf8943eb27a7f65aaabcdec5e8f3767
SHA256: a389262059c72f322d20b0607cc4c503431d034024dbebd5aeb744091ee77782
SHA512: 4bade5dd011b1a4442eb999a34772e101d5b04bf4eb59526de76f2f7a6db20415cd383a177463a7acb28e864fe2df6b9553b59f54bf77130c9266b74471a2fc2
SSDEEP: 3072:edc3ISRtepLoTjZ45KRRaoq0mqiIRRwyGgmzoCWfq8Ipwyc:ecRtev6g1siORwyGgmWIi
Static task: static1
Behavioral task: behavioral1
Sample: build630506.packed.exe
Resource: win11-20250619-en
Malware Config
Extracted
Family: redline
Botnet: 630test506
C2: 40.76.123.249:1912
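The extracted configuration gives two things a responder can act on immediately: the file digests and the C2 endpoint. The following Python helper is an added example, not part of the sandbox report, that turns them into an offline triage check. It hashes a candidate blob with the same algorithms the report lists and says which report digests it matches, and it scans connection-log lines for flows to the extracted C2. The log format, the sample lines and the decoy bytes are constructed for the example; RedLine operators tend to rotate ports more often than IPs, so a flow to the C2 host on another port is reported as a weaker hit rather than dropped.

```python
"""Offline triage helper built from the report's IOCs (added example)."""
import hashlib
import re
from typing import Dict, List, Tuple

# Digests copied from the report above.
REPORT_HASHES = {
    "md5": "d0fa0804683736f614948a96d40a546b",
    "sha1": "bcdf0b8eebf8943eb27a7f65aaabcdec5e8f3767",
    "sha256": "a389262059c72f322d20b0607cc4c503431d034024dbebd5aeb744091ee77782",
    "sha512": "4bade5dd011b1a4442eb999a34772e101d5b04bf4eb59526de76f2f7a6db20415"
              "cd383a177463a7acb28e864fe2df6b9553b59f54bf77130c9266b74471a2fc2",
}
# Extracted RedLine C2 from the report.
C2_HOST, C2_PORT = "40.76.123.249", 1912


def digests(data: bytes) -> Dict[str, str]:
    """Compute the four digests the report lists for a blob."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matches_report(data: bytes) -> List[str]:
    """Names of the report digests this blob matches.

    Expect all four or none; a partial match means a transcription error
    in the report (or a collision, which for MD5 is achievable on purpose).
    """
    d = digests(data)
    return [alg for alg, h in REPORT_HASHES.items() if d[alg] == h]


# Constructed flow-log format: "<ts> <src>:<sport> -> <dst>:<dport> <proto>".
LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>[\d.]+):(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)\s+(?P<proto>\w+)"
)


def c2_hits(lines: List[str]) -> List[Tuple[str, str, int, bool]]:
    """Flows to the C2 host as (timestamp, source, dest port, exact_port).

    exact_port is True only when the port also matches the extracted config;
    other ports on the same host are kept as weaker hits. Unparseable lines
    are skipped rather than raising, so a noisy log does not abort the scan.
    """
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m is None or m["dst"] != C2_HOST:
            continue
        dport = int(m["dport"])
        hits.append((m["ts"], m["src"], dport, dport == C2_PORT))
    return hits


# Constructed sample log: one exact C2 flow, one benign flow, one same-host
# flow on a different port, and one malformed line.
SAMPLE_LOG = [
    "2025-07-01T10:00:01Z 10.0.0.15:49712 -> 40.76.123.249:1912 tcp",
    "2025-07-01T10:00:03Z 10.0.0.15:49713 -> 52.96.0.1:443 tcp",
    "2025-07-01T10:00:09Z 10.0.0.22:50001 -> 40.76.123.249:8080 tcp",
    "malformed line that the parser must skip",
]

if __name__ == "__main__":
    decoy = b"not the sample"  # constructed stand-in; the real binary is not embedded
    print("decoy matches report digests:", matches_report(decoy))
    for ts, src, port, exact in c2_hits(SAMPLE_LOG):
        print(ts, src, "->", port, "exact C2 match" if exact else "same host, other port")
```

To check a file on disk, pass `open(path, "rb").read()` to `matches_report`; the hashing is done once per algorithm so a 120KB sample costs nothing measurable.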
Targets
Target: build630506.packed.exe
Signatures
RedLine: RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020. Builds collect saved browser credentials, cookies and autofill data, cryptocurrency wallet files and host information, and send them to the operator's C2 (here 40.76.123.249:1912).
RedLine payload
Redline family
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate the software installed on the host.
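The installed-software check above is worth hunting for, but registry reads are not logged by default: Sysmon records key creation, deletion and value writes, not queries. With "Audit Registry" enabled and a SACL on the Uninstall key, Windows instead emits Security event 4663 whose ObjectName begins with \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall. The Python rule below is an added example, not part of the report, that counts such reads per process and alerts on a burst, since a stealer walks every subkey in one go while legitimate software usually touches one entry. The event dicts, process names, PIDs, the allow-list and the threshold of five subkeys are all constructed or assumed for the example.

```python
"""Hunt rule: processes enumerating the Uninstall key (added example)."""
from collections import Counter
from typing import Dict, Iterable, List

# Both views of the key; comparison is case-insensitive below.
UNINSTALL_PREFIXES = (
    r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
)
# Assumed allow-list of processes expected to walk this key; tune per estate.
KNOWN_ENUMERATORS = {
    r"c:\windows\system32\msiexec.exe",
    r"c:\windows\ccm\ccmexec.exe",
}
# Assumed threshold: distinct 4663 reads under Uninstall before a process is flagged.
MIN_SUBKEYS = 5


def uninstall_enumerators(events: Iterable[Dict[str, object]]) -> List[Dict[str, object]]:
    """Return processes that read >= MIN_SUBKEYS Uninstall entries.

    Only 4663 events on registry keys (ObjectType "Key") under the Uninstall
    prefixes count; allow-listed process images are ignored.
    """
    prefixes = tuple(p.upper() for p in UNINSTALL_PREFIXES)
    counts: Counter = Counter()
    for ev in events:
        if ev.get("EventID") != 4663 or ev.get("ObjectType") != "Key":
            continue
        name = str(ev.get("ObjectName", ""))
        if not name.upper().startswith(prefixes):
            continue
        proc = str(ev.get("ProcessName", "")).lower()
        if proc in KNOWN_ENUMERATORS:
            continue
        counts[(proc, ev.get("ProcessId"))] += 1
    return [
        {"process": proc, "pid": pid, "subkey_reads": n}
        for (proc, pid), n in counts.items()
        if n >= MIN_SUBKEYS
    ]


def _ev(pid: int, proc: str, subkey: str) -> Dict[str, object]:
    """Build a constructed 4663 record using the real event field names."""
    return {
        "EventID": 4663,
        "ObjectType": "Key",
        "ProcessId": pid,
        "ProcessName": proc,
        "ObjectName": UNINSTALL_PREFIXES[0] + "\\" + subkey,
        "Accesses": "Query key value",
    }


# Constructed sample: the unpacked stealer walks six entries, an installer
# touches three, notepad touches one, plus one unrelated file-access event.
SAMPLE_EVENTS = (
    [_ev(4120, r"C:\Users\user\AppData\Local\Temp\build630506.packed.exe",
         f"{{GUID-{i}}}") for i in range(6)]
    + [_ev(880, r"C:\Windows\System32\msiexec.exe", "7-Zip") for _ in range(3)]
    + [_ev(5000, r"C:\Windows\System32\notepad.exe", "Git_is1")]
    + [{"EventID": 4663, "ObjectType": "File", "ProcessId": 4120,
        "ProcessName": "x", "ObjectName": r"C:\x"}]
)

if __name__ == "__main__":
    for alert in uninstall_enumerators(SAMPLE_EVENTS):
        print(f"{alert['process']} (pid {alert['pid']}) read "
              f"{alert['subkey_reads']} Uninstall entries")
```

The same counting logic works on events pulled with Get-WinEvent and exported as JSON; the only field that needs mapping is ProcessName, which 4663 reports as a full image path.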