General
-
Target
6b91375f1fcdebd0076ebb30eaccd54ce678be1a5f15dc4a4b8fa32399e3e478
-
Size
451KB
-
Sample
220211-y1wszadbh4
-
MD5
142470fcd39430a997bee36ba04b35a7
-
SHA1
0f2ede5cd741bd960a559b7c217cb15c79bb40a4
-
SHA256
6b91375f1fcdebd0076ebb30eaccd54ce678be1a5f15dc4a4b8fa32399e3e478
-
SHA512
19952076ad70db2d2bdcfe3deae447d18b377d7001f89372569bd53c81f4620c9b6f8aee343deae132b4631977ec7d75ea6d529c5e178d064f140cad4ca4c13e
Static task
static1
Behavioral task
behavioral1
Sample
6b91375f1fcdebd0076ebb30eaccd54ce678be1a5f15dc4a4b8fa32399e3e478.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
-
auth_value
44e87155dd7a4d1957a956ed040ff3fd
Targets
-
-
Target
6b91375f1fcdebd0076ebb30eaccd54ce678be1a5f15dc4a4b8fa32399e3e478
-
Size
451KB
-
MD5
142470fcd39430a997bee36ba04b35a7
-
SHA1
0f2ede5cd741bd960a559b7c217cb15c79bb40a4
-
SHA256
6b91375f1fcdebd0076ebb30eaccd54ce678be1a5f15dc4a4b8fa32399e3e478
-
SHA512
19952076ad70db2d2bdcfe3deae447d18b377d7001f89372569bd53c81f4620c9b6f8aee343deae132b4631977ec7d75ea6d529c5e178d064f140cad4ca4c13e
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-