General
-
Target
6aea4f77a363b81ab91a67e67210c30abda6c1355fed7256266ffa9b7b1e3139
-
Size
457KB
-
Sample
220129-k1hdpahda2
-
MD5
797a9ce6330dd29ece17a0eb401fa92a
-
SHA1
7f8f0ce5bac5c5563a35772a7b1041a5675bc54e
-
SHA256
6aea4f77a363b81ab91a67e67210c30abda6c1355fed7256266ffa9b7b1e3139
-
SHA512
717d0d15f94445e48d0780315f1643e6c48c5fef04090b8d168fc5d71edd8690e4a79d4b0920b9556f51b399cb57266d629bab0f52fca176f2fae23380b4f837
Static task
static1
Behavioral task
behavioral1
Sample
6aea4f77a363b81ab91a67e67210c30abda6c1355fed7256266ffa9b7b1e3139.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
-
-
Target
6aea4f77a363b81ab91a67e67210c30abda6c1355fed7256266ffa9b7b1e3139
-
Size
457KB
-
MD5
797a9ce6330dd29ece17a0eb401fa92a
-
SHA1
7f8f0ce5bac5c5563a35772a7b1041a5675bc54e
-
SHA256
6aea4f77a363b81ab91a67e67210c30abda6c1355fed7256266ffa9b7b1e3139
-
SHA512
717d0d15f94445e48d0780315f1643e6c48c5fef04090b8d168fc5d71edd8690e4a79d4b0920b9556f51b399cb57266d629bab0f52fca176f2fae23380b4f837
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-