General
-
Target
6d11c4b870d0d2891eb2c4e09d25aa6bff8761d0b9ab3752fff43c65daf5ff37
-
Size
373KB
-
Sample
220130-1jv68abacm
-
MD5
64e7690eba4a0f938418816de1f58a7a
-
SHA1
6396e5e2302e36a3fc526b1efb8dd88d4f30b9c7
-
SHA256
6d11c4b870d0d2891eb2c4e09d25aa6bff8761d0b9ab3752fff43c65daf5ff37
-
SHA512
7d9168d763a353ac7b662e145d6fd058dcb426f26274c08ab495775b7cccd7d872a84c2fc744aad14b0197926dce2af0c5f0102ae99bf95233c95532ea83d13f
Static task
static1
Behavioral task
behavioral1
Sample
6d11c4b870d0d2891eb2c4e09d25aa6bff8761d0b9ab3752fff43c65daf5ff37.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
-
Target
6d11c4b870d0d2891eb2c4e09d25aa6bff8761d0b9ab3752fff43c65daf5ff37
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-