General
Target: 9082e20b7743984cb2f22a22cf3871e22d8d9c6f33a03fe6d95ea5c1006d4b4e
Size: 381KB
Sample: 220127-cremfaeahq
MD5: a8ad152b6a131d69add2461074dfc280
SHA1: e8fb416d84d57981b5808a16913a620e3efc63af
SHA256: 9082e20b7743984cb2f22a22cf3871e22d8d9c6f33a03fe6d95ea5c1006d4b4e
SHA512: 0fb332d8adddd8d0579fa932f3bf05fee206ba9598c5a952692558d87175172cb540b30fd8cc63011ad2e00a27de431d68b0dce7ca6d1bbb34f023124301000d
Static task: static1
Behavioral task: behavioral1
Sample: 9082e20b7743984cb2f22a22cf3871e22d8d9c6f33a03fe6d95ea5c1006d4b4e.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
Target: 9082e20b7743984cb2f22a22cf3871e22d8d9c6f33a03fe6d95ea5c1006d4b4e
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-