General
Target: cc2dbbead89561a66cfe3edeb3a4e1df931bdc1923b08f843f9efa58b1750f0c
Size: 331KB
Sample: 220127-ngvfpabfgn
MD5: eae9dcbdf3da8443647f6fb6fa1b377b
SHA1: ff8044f77bf8a57bcf7e4d246c177ab22cf5f8b4
SHA256: cc2dbbead89561a66cfe3edeb3a4e1df931bdc1923b08f843f9efa58b1750f0c
SHA512: 8fd7120d7326f49b68ce36e84e7bb82e41d2f5ca0cf65331c9cef4d2c43f50989cede29fbc3923b4f93f408e57d792be2f8c2949a9ea1c481f2cd4ff1076be73
Static task: static1
Behavioral task: behavioral1
Sample: cc2dbbead89561a66cfe3edeb3a4e1df931bdc1923b08f843f9efa58b1750f0c.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-