General
Target: e261714c041e882655e0f964c9ad2aa4161035897daf1.exe
Size: 443KB
Sample: 220126-p6cslsdaam
MD5: 111434bb965f37437c651367550f6fe4
SHA1: 3ce547885e36e9ce661fc9c2043304346a5887ef
SHA256: e261714c041e882655e0f964c9ad2aa4161035897daf11cf7d9b385aae12f0d3
SHA512: 22315705f490a130a8ab44cb14152631653e5ad92d291e9f3e4eab5dabba67b8867d7c5c78e18618fecfaadff273f9a3e4a97788eecc98d65b591dba6bb6da58
Static task: static1
Behavioral task: behavioral1
Sample: e261714c041e882655e0f964c9ad2aa4161035897daf1.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: e261714c041e882655e0f964c9ad2aa4161035897daf1.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
sewpalpadin
185.215.113.29:20819
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.