General
-
Target
1d86c6624a6d702e752f134e328a02a7325e9b8c231612f97dd92a13eda270e7
-
Size
381KB
-
Sample
220127-d2vbbaehbj
-
MD5
bda33adf306fe0ece5aa5a283030af90
-
SHA1
20f82f18989b0e01d530c203f4921ffe442793c3
-
SHA256
1d86c6624a6d702e752f134e328a02a7325e9b8c231612f97dd92a13eda270e7
-
SHA512
177ddc92399f6ef3da163e57905599edcfe2925974a02eefbccf9f4a88a94d3abefa4fb7f7c252e55a2b7d9b5759b99b53a5445b64f50bbd39a24362c2fb1b91
Static task
static1
Behavioral task
behavioral1
Sample
1d86c6624a6d702e752f134e328a02a7325e9b8c231612f97dd92a13eda270e7.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
-
-
Target
1d86c6624a6d702e752f134e328a02a7325e9b8c231612f97dd92a13eda270e7
-
Size
381KB
-
MD5
bda33adf306fe0ece5aa5a283030af90
-
SHA1
20f82f18989b0e01d530c203f4921ffe442793c3
-
SHA256
1d86c6624a6d702e752f134e328a02a7325e9b8c231612f97dd92a13eda270e7
-
SHA512
177ddc92399f6ef3da163e57905599edcfe2925974a02eefbccf9f4a88a94d3abefa4fb7f7c252e55a2b7d9b5759b99b53a5445b64f50bbd39a24362c2fb1b91
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-