General
Target: e2f735b15f830d65289c6e25c7161dad15ffbd18dae33fe554ac153d7d5caab7
Size: 458KB
Sample: 220129-ahrjjahcb6
MD5: e3c3769131fe40692aa2776633c31867
SHA1: 3646cd11a5aba28a8c9d84feb143e139f0701667
SHA256: e2f735b15f830d65289c6e25c7161dad15ffbd18dae33fe554ac153d7d5caab7
SHA512: 2003693498b1e30890bc8de5b9e516f0cb9dec0a5b5d067b48f27eeacb831c4adceadc43a7594fa99b6855bf328ade4e83975c9160f09b9153cb5019d3e33396
Static task
static1
Malware Config
Extracted
redline
noname
185.215.113.29:20819
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.