General
Target: 468020fc5101d617d7dd6d4d3fd8d204ca18e30f4107838fe7820b61f8ac88ec
Size: 373KB
Sample: 220131-em671aeffq
MD5: 00fa5b9d65670134cf950697f1fb23ac
SHA1: 72856e5e7fd7003b0ace8d4e160c38e26aecba15
SHA256: 468020fc5101d617d7dd6d4d3fd8d204ca18e30f4107838fe7820b61f8ac88ec
SHA512: 96be7a2eebd266902517a87078708acfdab0aa3f5d0003fda7153a6b0f96036a269301b76d59ccd7a8b4a15ae5cb9e162ab1472d0f79493852bd9a8b8c4b9152
Static task
static1
Malware Config
Extracted
redline
noname
185.215.113.29:20819
Targets
Target: 468020fc5101d617d7dd6d4d3fd8d204ca18e30f4107838fe7820b61f8ac88ec
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.