General
Target: e47d19bfa27f6fa08f91446264002fd5ce955cd1facbc34031b1849d809048c3
Size: 340KB
Sample: 220210-s4h4dshac9
MD5: 5e84cd24e4adab2a79477d88f20d0e01
SHA1: cc25772316be04c772bee4935e86ae3336d9186e
SHA256: e47d19bfa27f6fa08f91446264002fd5ce955cd1facbc34031b1849d809048c3
SHA512: 93cd390ca6f4a39610f1ebad92782aaf8a76fcec94ce852c1c2b49db876c40fd8303efe5e45a00e721b70bcac1cfa1f125b159e134a5afd6c17eb58bfffdd7da
Static task
static1
Behavioral task
behavioral1
Sample
e47d19bfa27f6fa08f91446264002fd5ce955cd1facbc34031b1849d809048c3.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
Target
e47d19bfa27f6fa08f91446264002fd5ce955cd1facbc34031b1849d809048c3
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.