General
Target: cf1cc4007b4eb9e98975ad5ff370db68ad168ee1953b982111373246784dafa7
Size: 243KB
Sample: 211104-2an7zsehdp
MD5: a381a39546b85a7c66368279535db02b
SHA1: 591d5ae84b8fe5766c0c443eb10c2be9fbaf7827
SHA256: cf1cc4007b4eb9e98975ad5ff370db68ad168ee1953b982111373246784dafa7
SHA512: 0ef9f3ab93cfec87e1dad648022795d9d5f32ce2098958d8abe0e18c3c16addf4ab9ae2ff2c2b16ca33ebdf4a9cc6489313b66ebf81bae590cbdfa7b1b726973
Static task
static1
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
Target: cf1cc4007b4eb9e98975ad5ff370db68ad168ee1953b982111373246784dafa7

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.