General
- Target: 11d42e1e9c185143fc47e71c999b6c663ab165a82efb3444222447d91273e4b5
- Size: 330KB
- Sample: 220128-sydxgsgag8
- MD5: 97db02564dfc6ce64a0b9a63f8533146
- SHA1: 4d8a0fd67af6dfd07ba7abfd5ed0671af82bd539
- SHA256: 11d42e1e9c185143fc47e71c999b6c663ab165a82efb3444222447d91273e4b5
- SHA512: 2ae8d2492ac2b3acc398074a11123bd327211139e6b397a6529a15ea919172628f8e6efe496785bb2fd445850c1cad190960d36403ed12fa0938626c9499cdd9
Static task: static1
Behavioral task: behavioral1
- Sample: 11d42e1e9c185143fc47e71c999b6c663ab165a82efb3444222447d91273e4b5.exe
- Resource: win7-en-20211208
Behavioral task: behavioral2
- Sample: 11d42e1e9c185143fc47e71c999b6c663ab165a82efb3444222447d91273e4b5.exe
- Resource: win10-en-20211208
Malware Config
Extracted
- redline
- ruzkiKAKOYTO
- 185.215.113.29:20819
Targets
- Target: 11d42e1e9c185143fc47e71c999b6c663ab165a82efb3444222447d91273e4b5
- Size: 330KB
- MD5: 97db02564dfc6ce64a0b9a63f8533146
- SHA1: 4d8a0fd67af6dfd07ba7abfd5ed0671af82bd539
- SHA256: 11d42e1e9c185143fc47e71c999b6c663ab165a82efb3444222447d91273e4b5
- SHA512: 2ae8d2492ac2b3acc398074a11123bd327211139e6b397a6529a15ea919172628f8e6efe496785bb2fd445850c1cad190960d36403ed12fa0938626c9499cdd9
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.