General
Target: c45e22da2024e8fbc107198e99ea1d8100df8036272e81a08507a1442f12619b
Size: 417KB
Sample: 211017-ztbpwsdgcp
MD5: a0b9ecbbf1d17183e9dceeddfa3c98c8
SHA1: 4221bd67df940ada65b73cb90ab7e2df7fcd9e83
SHA256: c45e22da2024e8fbc107198e99ea1d8100df8036272e81a08507a1442f12619b
SHA512: 437cbe67525071e57078337b266859b7f5ec51656517372106043808a6a21d4ddd0921cf4cf50ef54d1e8c94a5ef8a903599d16ef3bb403cf067665a22a34749
Static task
static1
Malware Config
Extracted
redline
sewPalp
185.215.113.29:24645
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-