General
- Target: 154463679c7bbeaba7ad160c269b78bd3d424022f57624b803c908ac7d7c436b
- Size: 300KB
- Sample: 220129-r7g5tscgg2
- MD5: ff3e3a622ae3033cdd599a69ca8647ba
- SHA1: 81f886a831170593cdd8f8fb5469a941e5f9f1df
- SHA256: 802e00fc22d3901e1eff88739059e3c857ec393d76d328985bb327b7fc40d072
- SHA512: ee84f60948dc8ade68967cf7ec98e4f0625ca329bae9a2365a89ce3a2b851d0ad2f9759113b58fb6691c2b5932df07f972642c7595d77fca8065de2d2af22283

Static task
- static1

Behavioral task
- behavioral1
  - Sample: 154463679c7bbeaba7ad160c269b78bd3d424022f57624b803c908ac7d7c436b.exe
  - Resource: win7-en-20211208

Behavioral task
- behavioral2
  - Sample: 154463679c7bbeaba7ad160c269b78bd3d424022f57624b803c908ac7d7c436b.exe
  - Resource: win10-en-20211208

Malware Config
- Extracted: redline
- ruzkiKAKOYTO
- 185.215.113.29:20819

Targets
- Target: 154463679c7bbeaba7ad160c269b78bd3d424022f57624b803c908ac7d7c436b
- Size: 458KB
- MD5: a41ac098937259d16039f708b425af79
- SHA1: 00a5a9832ecf6c1b426c8a3c6dd07a6f51c23f56
- SHA256: 154463679c7bbeaba7ad160c269b78bd3d424022f57624b803c908ac7d7c436b
- SHA512: 999d4f52c3fd89954f20e7bba1b93347341e7c9007842fb2f05d2baa00513eaa0071752031a08bfc7884359bee18fc18936b1709fd8d4f58ead3e95395b0e7bc

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.