General
Target: d75a7dad314df5821f7219a7177ae3987637d9360e8ad10976d171bb9ffc34b3
Size: 451KB
Sample: 220211-rxr72sedam
MD5: 96cdacc5e0bc59ee1877f4ab383e6a8f
SHA1: 3ef5b47b9243125348aa5a295845ef959baecfd2
SHA256: d75a7dad314df5821f7219a7177ae3987637d9360e8ad10976d171bb9ffc34b3
SHA512: 48c1473f825f201564b4df1de125ce2c73a7b76487b2ffb6db63c8bc4c27f2f2404e37b9cd6d8069d5e268dda46b88eef0184be019201e26e12fb8118192d24a
Static task: static1
Behavioral task: behavioral1
Sample: d75a7dad314df5821f7219a7177ae3987637d9360e8ad10976d171bb9ffc34b3.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
auth_value: 44e87155dd7a4d1957a956ed040ff3fd
Targets
Target: d75a7dad314df5821f7219a7177ae3987637d9360e8ad10976d171bb9ffc34b3
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.