General
Target: 423cb508010db0a851066171a188905c95e2fdb50ccdb2c1c0761801337091a0
Size: 346KB
Sample: 220131-y38kjsbedq
MD5: f5c40a40ba806560784c2d07fdf11739
SHA1: c225ecc50379e3a1d35219e57a6284626ac46a89
SHA256: 423cb508010db0a851066171a188905c95e2fdb50ccdb2c1c0761801337091a0
SHA512: 3429b2b3761ab3298a7ffaed5f2d89410e8deb139961e936580449aefa8a7566b87669110d101dd7e88d23e07e5e436a6b6f6649096f6de6e53fb88b7cc6646f
Static task
static1
Malware Config
Extracted
redline
noname
185.215.113.29:20819
Targets
Target
423cb508010db0a851066171a188905c95e2fdb50ccdb2c1c0761801337091a0
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.