General
Target: 5e889bb6e053a7aaa33929d49c1a0f9b20c2197e817617583ddb6ca80cea7fdf
Size: 340KB
Sample: 220210-pymylsghb3
MD5: eb7a9d67cae90963c574432ceb990714
SHA1: 9aed27fc3ec3ab4c404c8dfb8d9da276c6a5c71c
SHA256: 5e889bb6e053a7aaa33929d49c1a0f9b20c2197e817617583ddb6ca80cea7fdf
SHA512: 6d074f666542c4efe31e6e8f656a7c941d4cc167ccfcaf2c3c6743c9f1dfa5881e8dee8a1257c7991218b338c51dfa9936911b2066b932f13d870e0097db81e8
Static task: static1
Behavioral task: behavioral1
Sample: 5e889bb6e053a7aaa33929d49c1a0f9b20c2197e817617583ddb6ca80cea7fdf.exe
Resource: win10-en-20211208
Malware Config
Extracted: redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
Target: 5e889bb6e053a7aaa33929d49c1a0f9b20c2197e817617583ddb6ca80cea7fdf
Size: 340KB
MD5: eb7a9d67cae90963c574432ceb990714
SHA1: 9aed27fc3ec3ab4c404c8dfb8d9da276c6a5c71c
SHA256: 5e889bb6e053a7aaa33929d49c1a0f9b20c2197e817617583ddb6ca80cea7fdf
SHA512: 6d074f666542c4efe31e6e8f656a7c941d4cc167ccfcaf2c3c6743c9f1dfa5881e8dee8a1257c7991218b338c51dfa9936911b2066b932f13d870e0097db81e8
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.