General
-
Target
06617e55f4c1a30bf1371adb48cc7ab9.exe
-
Size
443KB
-
Sample
220126-p6cslsdda5
-
MD5
06617e55f4c1a30bf1371adb48cc7ab9
-
SHA1
87fece338ca1d84ce8559dac680e4b1e3498b77f
-
SHA256
26f1712b35647e5c63f52f4c9472e9430b76d0a82488e7a1daaff2e99ddabea5
-
SHA512
a6b43822bd9624f85216c5a7def5824ac836dba555d02e09379c6c72bf324122f50c0d771d14a43bdb8782f9006877491160db891eb7b29c0e0056d953adb9fd
Static task
static1
Behavioral task
behavioral1
Sample
06617e55f4c1a30bf1371adb48cc7ab9.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
06617e55f4c1a30bf1371adb48cc7ab9.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
-
-
Target
06617e55f4c1a30bf1371adb48cc7ab9.exe
-
Size
443KB
-
MD5
06617e55f4c1a30bf1371adb48cc7ab9
-
SHA1
87fece338ca1d84ce8559dac680e4b1e3498b77f
-
SHA256
26f1712b35647e5c63f52f4c9472e9430b76d0a82488e7a1daaff2e99ddabea5
-
SHA512
a6b43822bd9624f85216c5a7def5824ac836dba555d02e09379c6c72bf324122f50c0d771d14a43bdb8782f9006877491160db891eb7b29c0e0056d953adb9fd
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-