General
Target: ff36ad11481365709e41863fb0e5f341597f4c1a33507cc2cacfb6ddd49ce3b0
Size: 444KB
Sample: 220126-p61jnsdda7
MD5: b207c1f4b3e86fbe93cc2224185dc856
SHA1: f766b1d44ac7e7f096a26ee1364dcfd2d313f435
SHA256: ff36ad11481365709e41863fb0e5f341597f4c1a33507cc2cacfb6ddd49ce3b0
SHA512: 64ab092e14543ead37ac6d32a6cc93cd9cd090653ad251193a359b73510e22534cc52657e914d9162746cb7b745b1f398e74df0020422f2fdb22493a914438ae
Static task: static1
Behavioral task: behavioral1
Sample: ff36ad11481365709e41863fb0e5f341597f4c1a33507cc2cacfb6ddd49ce3b0.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
Target: ff36ad11481365709e41863fb0e5f341597f4c1a33507cc2cacfb6ddd49ce3b0
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-