General
Target: 5f9dd5e1d6c9b2ed5d9b820960a33ef7.exe
Size: 443KB
Sample: 220126-l448ascad4
MD5: 5f9dd5e1d6c9b2ed5d9b820960a33ef7
SHA1: ab637511deefe5e11c352f8a808057d15c96a105
SHA256: 19d4a09d26dc6107fdc647ae31678064c8438cbe307c59ad5d18bb4968a52bf1
SHA512: 55efaac9bd52d1edd677509bf6848f9909ed5962ab0547e555c0bffd2668dfc7075da6c4767f62a1530db8d8a91ddb6c1cbf385ff50f813fbdab43f06b75667b
Static task: static1
Behavioral task: behavioral1
Sample: 5f9dd5e1d6c9b2ed5d9b820960a33ef7.exe
Resource: win7-en-20211208
Malware Config
Extracted
redline
noname
185.215.113.29:20819
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.