General
Target
8978ac77fcf0acbcfd44eef20ffad25b3a168fedc926f6f729060ae33c0bccdb
Size
298KB
Sample
220129-vpkpsaehd6
MD5
a4fac24da2fd24c1bd36a37b312368d6
SHA1
c0f938b4ffccc7e63fe781a5151da9e38c8c3d77
SHA256
bfc2047cd7cf1971c55019bdf09437ecfc3f58e05fb862f08aaaf37e2a19829b
SHA512
7d8f7596a6f87616a676fb80e6ef27a260c4d7a63cc56ccf7f3c40c2aea9dcfa2a5b0e02319da94d7dc61d1cfc8b29a905adf2d803ae6347ca749de33eeb5be5
Static task
static1
Behavioral task
behavioral1
Sample
8978ac77fcf0acbcfd44eef20ffad25b3a168fedc926f6f729060ae33c0bccdb.exe
Resource
win7-en-20211208
Malware Config
Extracted
redline
noname
185.215.113.29:20819
Targets
Target
8978ac77fcf0acbcfd44eef20ffad25b3a168fedc926f6f729060ae33c0bccdb
Size
457KB
MD5
26be3c0c5533ffdfd776e8798d9f624b
SHA1
b7015b77ac7580e7589fe09807730993f049bab7
SHA256
8978ac77fcf0acbcfd44eef20ffad25b3a168fedc926f6f729060ae33c0bccdb
SHA512
b6b4d121944a0f721bb5a83892020c190263f2b9222fc1151db5279922b646289d6a664500d662328af368ffcdcc3f01ce443f7d23cc9dfbbc72dc511090b59a
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.