General
Target: dcbef6b0685947ef4d01b84be1212d5e5efcd4c7e4a015ddd2e1d4a9c0cffa74
Size: 467KB
Sample: 220128-ksvztaabej
MD5: dc7a8003951089a96a97e13291fab248
SHA1: c0e8a559e26ce9742657294d673cfd88ea9eeb25
SHA256: dcbef6b0685947ef4d01b84be1212d5e5efcd4c7e4a015ddd2e1d4a9c0cffa74
SHA512: 8bf66eda495fbe8c7214f50597dd6361618867e6a46a636f8b410df28a08f21516a4f0266909fdfd0770ce8bde5aa56ef80dd7db7986d347df1cc827b8edae05
Static task: static1
Behavioral task: behavioral1
Sample: dcbef6b0685947ef4d01b84be1212d5e5efcd4c7e4a015ddd2e1d4a9c0cffa74.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.