General
-
Target
486a3e5bfce8918586e3c4bf1d1c2ea92f07d657022a68c520d6bfbc7f76f14e
-
Size
243KB
-
Sample
211104-2txngahha6
-
MD5
9f53f50a74bfac5ac8b77ef4306cce31
-
SHA1
9c3b13800f15cdaa74d3f2227ed720f3f47f8d6f
-
SHA256
486a3e5bfce8918586e3c4bf1d1c2ea92f07d657022a68c520d6bfbc7f76f14e
-
SHA512
e524a9fc4bc0528e02ae07439b2e794fc2840f5e3f3a18aa125d00aacc294b0c9715020ba3a78eb4db4c05fcdc3d2ee4a20848f24645f07d8bcb35155fd1dbb9
Static task
static1
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-