General
Target: 1f06cf5bd10b5a52b1962b8869f2efe2ba4e648f0df38c4bce75c391436a6b50
Size: 376KB
Sample: 220122-kst3hsada7
MD5: 30aa33a5b30c5575f9f0797ecc2d4ae0
SHA1: 3588fe2ca88281858c09f69ad270c35adba4b9f8
SHA256: 1f06cf5bd10b5a52b1962b8869f2efe2ba4e648f0df38c4bce75c391436a6b50
SHA512: 8494763903965ce4d40758d3202bd3b7a164b152f98cc6890eb7b0cf0b2485f0242db4e6764407017694ddf99a7ef7cccebae8d2e8df5f3c654fc47077d70421
Static task
static1
Malware Config
Extracted
redline
NONAME
45.9.20.111:1355
Targets
Target: 1f06cf5bd10b5a52b1962b8869f2efe2ba4e648f0df38c4bce75c391436a6b50
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.