General
-
Target
7deb26082cf08199af5d9e404de6e43c40e103cb7787b4a6ad8d287dc146eee8
-
Size
451KB
-
Sample
220211-qzcdyaecfq
-
MD5
9b558ff55c95297e595aabb3712289d6
-
SHA1
21ae0a85c3ad9fcf8441298bf4c20ce67aa04641
-
SHA256
7deb26082cf08199af5d9e404de6e43c40e103cb7787b4a6ad8d287dc146eee8
-
SHA512
41498b3f6d2357a87ab200cb31375c305c2cbf80a857d4426f4b65895966be6a3e15e8034b3591a596946e2cf8694de640beeebd66e6913371b66253851fe816
Static task
static1
Behavioral task
behavioral1
Sample
7deb26082cf08199af5d9e404de6e43c40e103cb7787b4a6ad8d287dc146eee8.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
-
auth_value
44e87155dd7a4d1957a956ed040ff3fd
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-