General
Target: 47ce7ac8df549ab98a770a2616d18c5da1c04ce9095a7595d41e5638370fedfd
Size: 451KB
Sample: 220211-s8shmaedfn
MD5: 2092402361384dfcb4ee8c12085e0933
SHA1: d423bdbcc1f54a6eac874b78f85638ae171eb1e2
SHA256: 47ce7ac8df549ab98a770a2616d18c5da1c04ce9095a7595d41e5638370fedfd
SHA512: b0869d57f0746691a0a679fd6b22719aefbc5bebc2adc3d0c9562fca8d7df235ff7f7620d870038b37a23063d765616618acfa5d8fca51b1f4f90e8237708ab1
Static task: static1
Behavioral task: behavioral1
Sample: 47ce7ac8df549ab98a770a2616d18c5da1c04ce9095a7595d41e5638370fedfd.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
auth_value: 44e87155dd7a4d1957a956ed040ff3fd
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.