General
Target: 21e3614a2ad75d0c058507725031e1e795cc0a962175c67c12816dae9bf01137
Size: 467KB
Sample: 220128-ertgpsfhe5
MD5: 3445492ccddb703445ddba56b0fe5258
SHA1: de0ee8f72e57347b940aeb8f70c9b51f71a9bc60
SHA256: 21e3614a2ad75d0c058507725031e1e795cc0a962175c67c12816dae9bf01137
SHA512: 3fcaaaac12f9acb120f94346c6b89d3b4a16bde8e24fb5ff49b7692a9e973d310125539fa58b12e683ccb75f0b6b0bf397335131aa2fa2767f366c7aac2db998
Static task: static1
Behavioral task: behavioral1
Sample: 21e3614a2ad75d0c058507725031e1e795cc0a962175c67c12816dae9bf01137.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.