General

Target: 535fedc32f75d3f09a591dc6ebf8080ca2ccb0f8b06ee519e94e78fd64d4705f
Size: 361KB
Sample: 211103-phr8dsahem
MD5: c9fc3e8d0cbd3ca404eb26a5ede36fce
SHA1: 9b0314fc996346a288a07d787c6f366a352b6f4e
SHA256: 535fedc32f75d3f09a591dc6ebf8080ca2ccb0f8b06ee519e94e78fd64d4705f
SHA512: b8daefb030e53d3c79c2771515f24bc2abf7a315b7acfa05aeda9834b92a40073d21e24b0894a04e16ae0be843952fade918b8e73dc3435d8e5c00edde5d2949

Static task: static1
Malware Config

Extracted family: redline
SomeBody
185.215.113.29:36224
Targets
RedLine

RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system

Looks up Uninstall key entries in the registry to enumerate software on the system.