General
Target: 791a3a71fa689a0342dc2cab837d0b0f773e9681f1017e00b824ac9150deb1de
Size: 444KB
Sample: 220126-jsegdsafgn
MD5: 0b2c7e3f53f35187273932e1f7e1f573
SHA1: 765538d631ba8c5072d9570df5b02b6ed4bf216d
SHA256: 791a3a71fa689a0342dc2cab837d0b0f773e9681f1017e00b824ac9150deb1de
SHA512: 61ebc17001ee98e918173e1df72952f2383c6a26d374cf3566c029b12f008c9fd96fc6a0aadcd2784c59a58708324187ef6f9274be4e96eb5aee9c2e92999794
Static task: static1
Behavioral task: behavioral1
Sample: 791a3a71fa689a0342dc2cab837d0b0f773e9681f1017e00b824ac9150deb1de.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.