General
- Target: 3c565b1e60bf610f97e3c82d8ba94c29111baffd42be950832eda874d6e19c0a
- Size: 360KB
- Sample: 211103-mqlpgaagar
- MD5: a78d44132eab256f42b07f4050f53b36
- SHA1: 30df649cf7fc9a551d30c0381263cb2afdd0c231
- SHA256: 3c565b1e60bf610f97e3c82d8ba94c29111baffd42be950832eda874d6e19c0a
- SHA512: ed3fe6b13c5df8529200db659457b6f6ce58f7fbe065fcaf0c7267120fbdc275034182c912238c5daf3d171e88a781f0d070531b561ef4d68fcff31ebd46ef88
Static task
static1
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.