General
-
Target
50973bb98d29f46f2241450f8e32e49fe4a4e32a8a6d8d2d51292b8bd2b11dfc
-
Size
243KB
-
Sample
211104-sxga8aeafp
-
MD5
8aa3509368cc3c9aea7d059c1c7e4a2c
-
SHA1
ecafab9fce864345f8bb84493d8b4f1b1e348575
-
SHA256
50973bb98d29f46f2241450f8e32e49fe4a4e32a8a6d8d2d51292b8bd2b11dfc
-
SHA512
5358a929534d2a5db9f598f330243db3bbb41c298dc7801e21c169a4b309fc1cfae6ab38502a8e2f5a17b7c3c4ab98de997795064423f57ba4fe72548d8be432
Static task
static1
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
-
Target
50973bb98d29f46f2241450f8e32e49fe4a4e32a8a6d8d2d51292b8bd2b11dfc
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-