General
-
Target
5796ecff3c1ba56d5a4621541b6ae78b2886ba045ce49597c14296cb23dfbe69
-
Size
387KB
-
Sample
220117-fb44yaggc4
-
MD5
e5bea294619995c8cf03c4b577824c98
-
SHA1
63869d29a98cc6df192305abced2ccb93c4313a3
-
SHA256
5796ecff3c1ba56d5a4621541b6ae78b2886ba045ce49597c14296cb23dfbe69
-
SHA512
6fc5c8007db4785df1ce3bb59e7d249bc09e000a88a5779b2270407e52cc8ffe274ab4917d96e137b46602986af1c574ab25f9d4bb7c8756e00f892d2e399406
Static task
static1
Malware Config
Extracted
redline
noname
185.215.113.29:34865
Targets
-
-
Target
5796ecff3c1ba56d5a4621541b6ae78b2886ba045ce49597c14296cb23dfbe69
-
Size
387KB
-
MD5
e5bea294619995c8cf03c4b577824c98
-
SHA1
63869d29a98cc6df192305abced2ccb93c4313a3
-
SHA256
5796ecff3c1ba56d5a4621541b6ae78b2886ba045ce49597c14296cb23dfbe69
-
SHA512
6fc5c8007db4785df1ce3bb59e7d249bc09e000a88a5779b2270407e52cc8ffe274ab4917d96e137b46602986af1c574ab25f9d4bb7c8756e00f892d2e399406
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-