General
-
Target
1950355c3d427e8a0f24400f5253fe2d33b68415e83c337a5b8c0ee01e0c6df8
-
Size
330KB
-
Sample
220127-pat21scff3
-
MD5
950f0425cd4f58f64a60e5cc6feca80f
-
SHA1
8724f71091fe7a5c67adb1eb7586c5d75c8230ba
-
SHA256
1950355c3d427e8a0f24400f5253fe2d33b68415e83c337a5b8c0ee01e0c6df8
-
SHA512
ade1b5ff106528170d376c00d41ea59c6829c7664c722f8ebc74705fbf9fdbf2cf5d2dcee792bc5e1c4710fc7dc9b9097a8faa1e43e12729fa57edaf1bfd7241
Static task
static1
Behavioral task
behavioral1
Sample
1950355c3d427e8a0f24400f5253fe2d33b68415e83c337a5b8c0ee01e0c6df8.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
-
-
Target
1950355c3d427e8a0f24400f5253fe2d33b68415e83c337a5b8c0ee01e0c6df8
-
Size
330KB
-
MD5
950f0425cd4f58f64a60e5cc6feca80f
-
SHA1
8724f71091fe7a5c67adb1eb7586c5d75c8230ba
-
SHA256
1950355c3d427e8a0f24400f5253fe2d33b68415e83c337a5b8c0ee01e0c6df8
-
SHA512
ade1b5ff106528170d376c00d41ea59c6829c7664c722f8ebc74705fbf9fdbf2cf5d2dcee792bc5e1c4710fc7dc9b9097a8faa1e43e12729fa57edaf1bfd7241
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-