General
-
Target
bf79dc04ee3b5190e5d43219aa012b1b1d7a108553ba57ad9d5b14295d93370b
-
Size
330KB
-
Sample
220127-3xnemscfaj
-
MD5
54653202a30ba579821b48f79f52aaee
-
SHA1
3c3be3efdd81b3a65ecaff44acb0a8cddace64f4
-
SHA256
bf79dc04ee3b5190e5d43219aa012b1b1d7a108553ba57ad9d5b14295d93370b
-
SHA512
5e6508e6e67c911fede077390910325538ac509dac669e27f539188b99df455c62295492a984e141038ed52f50523d063ec5067e023608e072df0ce0d4c4f1f5
Static task
static1
Behavioral task
behavioral1
Sample
bf79dc04ee3b5190e5d43219aa012b1b1d7a108553ba57ad9d5b14295d93370b.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
-
-
Target
bf79dc04ee3b5190e5d43219aa012b1b1d7a108553ba57ad9d5b14295d93370b
-
Size
330KB
-
MD5
54653202a30ba579821b48f79f52aaee
-
SHA1
3c3be3efdd81b3a65ecaff44acb0a8cddace64f4
-
SHA256
bf79dc04ee3b5190e5d43219aa012b1b1d7a108553ba57ad9d5b14295d93370b
-
SHA512
5e6508e6e67c911fede077390910325538ac509dac669e27f539188b99df455c62295492a984e141038ed52f50523d063ec5067e023608e072df0ce0d4c4f1f5
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-