General
Target: 2a935998b748ea6d54aa4aea5ed09474a65257aa381d61b1718d45b5150367b0
Size: 412KB
Sample: 211105-tmzkgsccb5
MD5: ba953a4978ab084795ef5656238790d2
SHA1: 29a71c605698ac8a03082b7978cb65a77a4831f7
SHA256: 2a935998b748ea6d54aa4aea5ed09474a65257aa381d61b1718d45b5150367b0
SHA512: 8f4169b03ed87b1daf7912118758861d6e382280871dfae5987709da1c2aecfe1f6b76d5bece62334ab3de5592e7423dd0ca58baf58043721a7606dcacf3b91b
Static task
static1
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.