General
Target: 277333388c7a9f960a5bdbd7538755b73ff0c93c89c2c75d60b712beb0d8c02b
Size: 241KB
Sample: 211104-phz81ageh4
MD5: 73070b2e05f34701ac5c1f6a33c92c90
SHA1: d30161b53365adfc50e112a32918eb2e19435831
SHA256: 277333388c7a9f960a5bdbd7538755b73ff0c93c89c2c75d60b712beb0d8c02b
SHA512: b7cefdb61819fa39a3b58d3d1e8388ce3e61ef62d495adc14b662c1342fc7bf794961256e44e2379f6c77c2ac0d18f361f65d7058d582c70c71de6a8a8480708
Static task
static1
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
Target: 277333388c7a9f960a5bdbd7538755b73ff0c93c89c2c75d60b712beb0d8c02b
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.