General
-
Target
029994cb8087c097e0b56398beaa0e1435ba7e94e580722c9e700598f72853c6
-
Size
383KB
-
Sample
220209-ze8q3sbfgp
-
MD5
e0b1ae6fb3fdc2dbeaf24393fb44a70a
-
SHA1
683611fa910b3dabdec85e896b4a957f8a7bba9f
-
SHA256
029994cb8087c097e0b56398beaa0e1435ba7e94e580722c9e700598f72853c6
-
SHA512
6c51142185719e0c5268e789227cb176fb80bbf5b67b2bf4609e4fdc62fec653cc6c6e20cdce6e4ebf33ffca52ddfe340dc6b8dacd85aefb528cf68392dc2958
Static task
static1
Behavioral task
behavioral1
Sample
029994cb8087c097e0b56398beaa0e1435ba7e94e580722c9e700598f72853c6.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
-
-
Target
029994cb8087c097e0b56398beaa0e1435ba7e94e580722c9e700598f72853c6
-
Size
383KB
-
MD5
e0b1ae6fb3fdc2dbeaf24393fb44a70a
-
SHA1
683611fa910b3dabdec85e896b4a957f8a7bba9f
-
SHA256
029994cb8087c097e0b56398beaa0e1435ba7e94e580722c9e700598f72853c6
-
SHA512
6c51142185719e0c5268e789227cb176fb80bbf5b67b2bf4609e4fdc62fec653cc6c6e20cdce6e4ebf33ffca52ddfe340dc6b8dacd85aefb528cf68392dc2958
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-