General
Target: c258d63c328a2eb6490b84c2b5586b2d47f8a24a821f6e935b4eab86ed3a6430
Size: 326KB
Sample: 220211-f17alachak
MD5: 58218197c467ef27caa007d927a36d3e
SHA1: 95b51f43da1fcf051586fb00d9a4d2a2cfb30413
SHA256: c258d63c328a2eb6490b84c2b5586b2d47f8a24a821f6e935b4eab86ed3a6430
SHA512: 344961aab2b3534a6734b24123404f86d52913a8bda4700087e7ab2b2f3c7513a75b745171e1c29817d16f6c689dd05a2bfe3d7b57370f7fa17dfbaf434a9148
Static task
static1
Malware Config
Extracted
redline
noname
185.215.113.29:20819
auth_value: ee92d883673b7156fdd66cac5fc8d2d0
Targets
Target: c258d63c328a2eb6490b84c2b5586b2d47f8a24a821f6e935b4eab86ed3a6430
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.