General
-
Target
a6ab73e0e70ec961117d9b199105db9dea5298876fc8d6cdcaa5579e2b693f13
-
Size
373KB
-
Sample
220130-1kbh7sbfh8
-
MD5
eed4171e9ffe77984f01de5a1077eb11
-
SHA1
099241ceb753db1b6df14f766efa85da8bb28023
-
SHA256
a6ab73e0e70ec961117d9b199105db9dea5298876fc8d6cdcaa5579e2b693f13
-
SHA512
ef6d8187fa970303512c792ea8dcb0bb8e85af0280c7cf9593e5e1f812c4ba54da0cf8fd352555a92af5ca7ef9cd404fb9e31853b065775bcaea68a943f3b251
Static task
static1
Behavioral task
behavioral1
Sample
a6ab73e0e70ec961117d9b199105db9dea5298876fc8d6cdcaa5579e2b693f13.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-