General
Target: 63ce59383e624a3bd55fb701b45370064a3571e0468717631a5989572a0c6a09
Size: 386KB
Sample: 220117-kwahaahdcq
MD5: 49d5d469cf0b226f784f4526e8c81726
SHA1: af8517883991359e5a6e0abb17f3a84d5e09a18b
SHA256: 63ce59383e624a3bd55fb701b45370064a3571e0468717631a5989572a0c6a09
SHA512: eda7faa7fada31642a2b53dffb56fa5a84736c647a3702781475b920808514dc0f1d1fbbe915d78e3ae76a7fdd015ea429c8d6ec1a44e0a1744a9e4fe4e75d2d
Static task
static1
Malware Config
Extracted
redline
noname
185.215.113.29:34865
Targets
Target: 63ce59383e624a3bd55fb701b45370064a3571e0468717631a5989572a0c6a09
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.