General
-
Target
820064bdfd510533740acb1c3581e5e84dcb569be71d78d2466b9dd07a9aea4b
-
Size
417KB
-
Sample
220201-g25c3ahhhm
-
MD5
29000cdee103dda9642a2d13f64df87b
-
SHA1
0677a71ae3012570a99f3d29208a151c22f351cc
-
SHA256
820064bdfd510533740acb1c3581e5e84dcb569be71d78d2466b9dd07a9aea4b
-
SHA512
a4cc92b0989be5555bf5325b8cbe7b14e686d7cad3fae52c186f54b3fb51c0e2a9289ca986ee68cf8c10bf20f7e801a4efa1bff76d6e34c13eeee3da4167a89b
Static task
static1
Behavioral task
behavioral1
Sample
820064bdfd510533740acb1c3581e5e84dcb569be71d78d2466b9dd07a9aea4b.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
-
-
Target
820064bdfd510533740acb1c3581e5e84dcb569be71d78d2466b9dd07a9aea4b
-
Size
417KB
-
MD5
29000cdee103dda9642a2d13f64df87b
-
SHA1
0677a71ae3012570a99f3d29208a151c22f351cc
-
SHA256
820064bdfd510533740acb1c3581e5e84dcb569be71d78d2466b9dd07a9aea4b
-
SHA512
a4cc92b0989be5555bf5325b8cbe7b14e686d7cad3fae52c186f54b3fb51c0e2a9289ca986ee68cf8c10bf20f7e801a4efa1bff76d6e34c13eeee3da4167a89b
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-