General
Target: d0e6abddf89da255c3b978259f825049c39baa4372d86c1fc1ceb88f0a72076f
Size: 339KB
Sample: 220210-gchg1aegbp
MD5: 6b345e6e7187ff647ca32e6ae6e87d0d
SHA1: 82bd63909ba84c36c838d02fb90ab79f42805ad5
SHA256: d0e6abddf89da255c3b978259f825049c39baa4372d86c1fc1ceb88f0a72076f
SHA512: 84af971b0a9895b50aa2b55c9195b4efe5e4463595ea9bc6df803b2b9812ebf28addb2c5917a3b982c88b4a19d6e65597a8612e0c231a13d20c302f2139ceb34
Static task: static1
Behavioral task: behavioral1
Sample: d0e6abddf89da255c3b978259f825049c39baa4372d86c1fc1ceb88f0a72076f.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.