General
Target: 6233d8b9604bf1c3997feff9618f8109.exe
Size: 444KB
Sample: 220126-pcltesdab6
MD5: 6233d8b9604bf1c3997feff9618f8109
SHA1: 0a17264ead7a0b8727cc69f5f2991357a23b9a17
SHA256: 6e9b7fb1fffe85b5bc6b20d031c3b48f5964d504b4e37df2624e5982c5ba3875
SHA512: 9bcee5569fac925aa7ed734b1a64ff974e134fd8162b5c5f94537113b297f058a4549b427b9b9b0c7f410154b05a7ee9051ec6d1c039da9944af3a124af7c0ed
Static task: static1
Behavioral task: behavioral1
Sample: 6233d8b9604bf1c3997feff9618f8109.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 6233d8b9604bf1c3997feff9618f8109.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
-
-
Target
6233d8b9604bf1c3997feff9618f8109.exe
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-