General
Target: 9c8013e29fd818c6149e638e39332b57354e730dfb94dc29b34ebcf4de83e938
Size: 417KB
Sample: 220201-fpljrahff7
MD5: 7431147ad65ad074d55a6a69586b8158
SHA1: 5e2cdf5c93a498e6c8cb4acccfea5e12425f0c9a
SHA256: 9c8013e29fd818c6149e638e39332b57354e730dfb94dc29b34ebcf4de83e938
SHA512: 1b372a61c3e564863449d7cb55c9dcb1163faa47a16f1d2fa7ec6b0f8ee6f318857ca4df7f43471924f62fe1758095245f933f404d76f8cd0e944b1c57305dd9
Static task: static1
Behavioral task: behavioral1
Sample: 9c8013e29fd818c6149e638e39332b57354e730dfb94dc29b34ebcf4de83e938.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.