General
Target: 47929d9a25c4a00903e993e847e118b3cd7a6847affad0281d5aad987b1f3224
Size: 327KB
Sample: 220211-dd53xabfdm
MD5: 449a294ba12cc33b95b954a6e5a6f939
SHA1: c6926f1efb0e953036ee896e2d5bd7be553589db
SHA256: 47929d9a25c4a00903e993e847e118b3cd7a6847affad0281d5aad987b1f3224
SHA512: 4c02558b189abb14ba05fdd2ce7658459de0833d2b1576662c03dc8ffd1b5feace7c4f4c922c8c2cfdd0764838200b9ad596513e00d67ebb8bd38fcd9e4de8ea
Static task: static1
Behavioral task: behavioral1
Sample: 47929d9a25c4a00903e993e847e118b3cd7a6847affad0281d5aad987b1f3224.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
auth_value: 44e87155dd7a4d1957a956ed040ff3fd
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.