General
Target: 5bf64a55ffb55f9b31a855762496cbd582f43dcd0fa2c762de35051cd1823dbf
Size: 327KB
Sample: 220211-cs9tzahhc2
MD5: 605d3e797e6a8490c25fe8729e69f396
SHA1: 739a069240c7864d2d1d06117fbaefe342b2abb5
SHA256: 5bf64a55ffb55f9b31a855762496cbd582f43dcd0fa2c762de35051cd1823dbf
SHA512: e45a90a83f515151c7701f65a4604062952621e8eeb92eca150e038173913036cf5ba618d84c13ee13d658c9c310e3722fb2a4f8b8d7d1ed8fcd68df7f42b82d
Static task: static1
Behavioral task: behavioral1
Sample: 5bf64a55ffb55f9b31a855762496cbd582f43dcd0fa2c762de35051cd1823dbf.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
auth_value: 44e87155dd7a4d1957a956ed040ff3fd
Targets
Target: 5bf64a55ffb55f9b31a855762496cbd582f43dcd0fa2c762de35051cd1823dbf
Size: 327KB
MD5: 605d3e797e6a8490c25fe8729e69f396
SHA1: 739a069240c7864d2d1d06117fbaefe342b2abb5
SHA256: 5bf64a55ffb55f9b31a855762496cbd582f43dcd0fa2c762de35051cd1823dbf
SHA512: e45a90a83f515151c7701f65a4604062952621e8eeb92eca150e038173913036cf5ba618d84c13ee13d658c9c310e3722fb2a4f8b8d7d1ed8fcd68df7f42b82d
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.