General
Target: ccc779717662968f6566a3e6821285da4c52fa7da8bec34e07557a36f0aa18c4
Size: 371KB
Sample: 220131-qmzcyahbhn
MD5: e7e743afa3c756e2aff291b9d03d7df7
SHA1: 3c18f85a4c82616db674238ed2a82ee6430e8676
SHA256: ccc779717662968f6566a3e6821285da4c52fa7da8bec34e07557a36f0aa18c4
SHA512: 3c96afc6b326d6ed214886b15aea90b269c873f9e1f089694834eead7e0339b081934e4e24b5e620d1aa7c10450c070fb27d6fab28795577cab115d65a85e5db
Static task: static1
Behavioral task: behavioral1
Sample: ccc779717662968f6566a3e6821285da4c52fa7da8bec34e07557a36f0aa18c4.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
Target
ccc779717662968f6566a3e6821285da4c52fa7da8bec34e07557a36f0aa18c4
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.