General
Target: 4116363ff76bb53ab7f81bffea18518193f5a18b39947bca95f089b60fa433eb
Size: 451KB
Sample: 220211-x7wwwaefgj
MD5: 1657b870fc85eace23655c2e2e53f61a
SHA1: 06271e4bf386464f3feb7da97916a506c7b11188
SHA256: 4116363ff76bb53ab7f81bffea18518193f5a18b39947bca95f089b60fa433eb
SHA512: 11f80ba9bd1a2ebdb5b07179c1a5a6b2635fe5fd31b6c64dee2b0974774ee39e076113e66e7f2bec7c92255135cc95190f97655ae3966e2d5e8c27af557dd240
Static task: static1
Behavioral task: behavioral1
Sample: 4116363ff76bb53ab7f81bffea18518193f5a18b39947bca95f089b60fa433eb.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
auth_value: 44e87155dd7a4d1957a956ed040ff3fd
Targets
Target: 4116363ff76bb53ab7f81bffea18518193f5a18b39947bca95f089b60fa433eb
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.