General
Target: 662cfc382cc176c88c5a1fbbe4f5ba29bce23f367cd0764f28c73b0d56824b5b
Size: 414KB
Sample: 211105-gcy5rafgej
MD5: 28419312ffe77087cbec474082b35989
SHA1: b43bfb6a3b18a51a0f9cec289aa36aeb6099436e
SHA256: 662cfc382cc176c88c5a1fbbe4f5ba29bce23f367cd0764f28c73b0d56824b5b
SHA512: 957c125d1e4b4f1c225ef4295328a8e64b4e670387cc235c39a79d6d0fc564e3d932896ddbf2b1cd461e0aa0f4e749256215a66828c9d757de5e961a024b2b16
Static task
static1
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
Target: 662cfc382cc176c88c5a1fbbe4f5ba29bce23f367cd0764f28c73b0d56824b5b
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.