General
Target: d96c6fd1619fb28b3fb515f9652682899ab9ec5450573a8c09fe18fa66a99955
Size: 417KB
Sample: 220201-gyx5kshhdk
MD5: df63be2e8aefe9c13dda8f32c864b98c
SHA1: b500fa6534a833a2b87da9cf47c6a6309bfd9099
SHA256: d96c6fd1619fb28b3fb515f9652682899ab9ec5450573a8c09fe18fa66a99955
SHA512: 52a65c83df2834d613a7b40164abee01cc5466922b26b98505bc772e73bb1c0846451b5b61d0f96406c9e81067419880959296c69cfe1ec2b164d4f1cd64e4b6
Static task
static1
Malware Config
Extracted
redline
noname
185.215.113.29:20819
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.