General
Target: 6c0482002fb2075c4acb68bcf05a3974f3a834378820372ebd23957657c191dc
Size: 413KB
Sample: 211105-ktf72sgcbl
MD5: 2d985f69ec5841f0d19f1eccc98c3ce7
SHA1: d3db72bdc9cc4c49522bc68a8c396222bc329add
SHA256: 6c0482002fb2075c4acb68bcf05a3974f3a834378820372ebd23957657c191dc
SHA512: 8aa2bad91b9caba3cebd4d7baf95ed8e1822747bed1ed1d25d7962a30fcf80bbf1ee6e8b14bc89693b6b6736b7d1291f1e304ff422db00b4cde9e5b1ed5f054f
Static task
static1
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
Target: 6c0482002fb2075c4acb68bcf05a3974f3a834378820372ebd23957657c191dc
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.