General
Target: d169b9c582310a6cb3070e062dc9f45c083ef09f4286bfff4f3d2cc28539c5bb
Size: 423KB
Sample: 211127-r1xlyabcbq
MD5: 7c4368bec42659749159b87f363a2769
SHA1: b54cb2d72a4c74dcc79e6070696984a68be19321
SHA256: d169b9c582310a6cb3070e062dc9f45c083ef09f4286bfff4f3d2cc28539c5bb
SHA512: 8a9085df8133ab027a83c6aab64c395b5cfad103d6dfb7307a3213740c45d10d0547e8b5c484f801612404dced891c04b502c6a0915182c7d66a1a72abe81416
Static task
static1
Malware Config
Extracted
redline
udptest
193.56.146.64:65441
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.