General
Target: f78043064f0e16aea6e873598fe50a94361c399c3dc970400d158c7cf9b24120
Size: 375KB
Sample: 220210-xp7wesagcm
MD5: 288ddef9619ae09941218195a684616c
SHA1: 4dc7d8f1121f0d9a29b3d600db342804c8dc89bb
SHA256: f78043064f0e16aea6e873598fe50a94361c399c3dc970400d158c7cf9b24120
SHA512: d472fcbc80ca8198d55f342b5130443c7f9e9e0105d4bf6a927ad2bec0da09317093160e2a64481cde175b60aa22b04ee9c4040e3d06263689dec758768637e5
Static task: static1
Behavioral task: behavioral1
Sample: f78043064f0e16aea6e873598fe50a94361c399c3dc970400d158c7cf9b24120.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
auth_value: 44e87155dd7a4d1957a956ed040ff3fd
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.