General
-
Target
306f631cf2e081a5f0a2391b289570f39caf670497a1bd182ea828507fe884eb
-
Size
329KB
-
Sample
220127-yt39gaacd4
-
MD5
0b6bad20ed1ab27d4bf7473da58982d5
-
SHA1
9405e688d5b7d48855d5485ecde08462d207f2ed
-
SHA256
306f631cf2e081a5f0a2391b289570f39caf670497a1bd182ea828507fe884eb
-
SHA512
96b752fed432bc1e48125542456840da7815b4f6ed90ba0353dfd8c5764303e87855b8f8583591833764d20143306f9b58c7eede839af8d49b36f82fc791988f
Static task
static1
Malware Config
Extracted
redline
noname
185.215.113.29:20819
Targets
-
-
Target
306f631cf2e081a5f0a2391b289570f39caf670497a1bd182ea828507fe884eb
-
Size
329KB
-
MD5
0b6bad20ed1ab27d4bf7473da58982d5
-
SHA1
9405e688d5b7d48855d5485ecde08462d207f2ed
-
SHA256
306f631cf2e081a5f0a2391b289570f39caf670497a1bd182ea828507fe884eb
-
SHA512
96b752fed432bc1e48125542456840da7815b4f6ed90ba0353dfd8c5764303e87855b8f8583591833764d20143306f9b58c7eede839af8d49b36f82fc791988f
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-