General
Target: fe73d689ac295af3a033de4ae5f0cdc25ef9a683ff17f96dad7fa41f6be509ae
Size: 372KB
Sample: 220131-tplreahger
MD5: a3f17bf5335f0453cb36dd723fbd05c6
SHA1: b85ccc5c5d5333dab4968b1a0860554a38294721
SHA256: fe73d689ac295af3a033de4ae5f0cdc25ef9a683ff17f96dad7fa41f6be509ae
SHA512: ee64dc5920f036ad93a77ccd4deed23c58f2109596cf0722c35b96bb848f00ec1fb18352e5b80a35f0d3d4dddc808514fa094babd108989804a0634aa1765512
Static task: static1
Behavioral task: behavioral1
Sample: fe73d689ac295af3a033de4ae5f0cdc25ef9a683ff17f96dad7fa41f6be509ae.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.