General
Target: bb012d843a87d750815bbaa9b35a7efe117d936325f23e621e25cdb426b52d9d
Size: 373KB
Sample: 220131-amhr7acegl
MD5: d67567aa84bd3ae0d4f0466597cce5c1
SHA1: d8621feaaa9bee7fc2d6fc1cba3d14ebba1c0743
SHA256: bb012d843a87d750815bbaa9b35a7efe117d936325f23e621e25cdb426b52d9d
SHA512: 8f9b5d2a4b001630d5740b9d2f14465dcaf2eb1942fbfdd28e839cfb98a83ae26891614ba0b9dbb58d80270468bff3b9c124a6ac1c8b9c9495e496ea66beeb28
Static task: static1
Behavioral task: behavioral1
Sample: bb012d843a87d750815bbaa9b35a7efe117d936325f23e621e25cdb426b52d9d.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.