General
Target: 405749d62114210369afbdadf8393ab8dae2a7dd5157d26c5b3ff736a21df022
Size: 458KB
Sample: 220129-a78t4shegp
MD5: 3eb94d8929582cac33f98d44e0a350b7
SHA1: 5602f9c1797d1472b5ef0c4d927edff41d5c0571
SHA256: 405749d62114210369afbdadf8393ab8dae2a7dd5157d26c5b3ff736a21df022
SHA512: fe44bf1311e262f2838ba852f9d07acb8d36f7d3251f6c1b02a86fbcdf0e98d1ab3050e692707348c9101b5ec236fb775747d646b1805fb48aa5d60e28821b64

Static task: static1

Behavioral task: behavioral1
Sample: 405749d62114210369afbdadf8393ab8dae2a7dd5157d26c5b3ff736a21df022.exe
Resource: win10-en-20211208

Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819

Targets
Target: 405749d62114210369afbdadf8393ab8dae2a7dd5157d26c5b3ff736a21df022

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.