General
Target: 0c485d4c1636e8ef5c4b1b3d30173ce006350ec18c58f55b1ba80f8da5bff820
Size: 385KB
Sample: 220212-aa6ngsfdbk
MD5: d6428db0f1ea85f0e49b048f89063704
SHA1: 269b54adba2b5d2d77f84bdbec5102354ffbbc8c
SHA256: 0c485d4c1636e8ef5c4b1b3d30173ce006350ec18c58f55b1ba80f8da5bff820
SHA512: e91af4a1e14b9f9f182692721f1afe176bf546eb1144ad3c70154c846d2b9a91f29f1a3b5234ad8ba81990dde023744acb4df0818ca09b73f514ace0e23e8900
Static task: static1
Behavioral task: behavioral1
Sample: 0c485d4c1636e8ef5c4b1b3d30173ce006350ec18c58f55b1ba80f8da5bff820.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
auth_value: 44e87155dd7a4d1957a956ed040ff3fd
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.