General
Target: 48a87946d6891f792c328049804cf9ebc92a5fc6ea67076d7efe587adc71644f
Size: 411KB
Sample: 220211-mbst8sebcp
MD5: 0bbcc0c7d18a6793ea27c789d8bd6adf
SHA1: e5cee6e8f8b3906a299cec0fa5136e5742f2734c
SHA256: 48a87946d6891f792c328049804cf9ebc92a5fc6ea67076d7efe587adc71644f
SHA512: 1432f16a628671cef6e6d62d24be20feac59b12147c8508c0a35df4ccae8e048b595972f7314b865a88d708f8af716286f756a64b0b01e328c1ac3a82d30d2ac
Static task
static1
Malware Config
Extracted
redline
noname
185.215.113.29:20819
auth_value: ee92d883673b7156fdd66cac5fc8d2d0
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.