General
Target: 82091a59f4d10c6fa1bb0e993883890daef376e9600ae8cc6e274f8f3bf96e7e
Size: 327KB
Sample: 220211-g173kabfh5
MD5: 403efbe20801cb52554f41baba3dc8cd
SHA1: abc3f6dcf95b89702777e40f8239883343eb759d
SHA256: 82091a59f4d10c6fa1bb0e993883890daef376e9600ae8cc6e274f8f3bf96e7e
SHA512: f640b4a5969bc8d82a346c774268084356d552ea7cc579beeffd0c4cb75abca807ee50394b5d4df3ac8dda5ab6881b6f4ec15dbe93819bf7c60e10d71628ff52
Static task: static1
Behavioral task: behavioral1
Sample: 82091a59f4d10c6fa1bb0e993883890daef376e9600ae8cc6e274f8f3bf96e7e.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
auth_value: 44e87155dd7a4d1957a956ed040ff3fd
Targets
Target: 82091a59f4d10c6fa1bb0e993883890daef376e9600ae8cc6e274f8f3bf96e7e
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.