General
Target: c8a877c663ef8b721a44e55a6bff9f1c1769c86e2300c6d12fd5859c5eeb90a4
Size: 411KB
Sample: 211105-rpab9shbfj
MD5: fc90b5e3d99eea9324bc4828070e05ce
SHA1: f856898bf2c2fe66d93af3207d6e11608edc60a7
SHA256: c8a877c663ef8b721a44e55a6bff9f1c1769c86e2300c6d12fd5859c5eeb90a4
SHA512: e2e48205a52115badc2d28e00df8ee3c6386301e99fbcea03c296b41271d7f3521c0e52ce1188ce2ed376183efa49ad26738196af0d8788f4fdd5ba0e94639dc
Static task
static1
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
Target: c8a877c663ef8b721a44e55a6bff9f1c1769c86e2300c6d12fd5859c5eeb90a4
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.