General
Target: 8a69cde551f65d84d88af5c0c65a4ad9ae590a130e8a6d491f9263d328fe9ee5
Size: 385KB
Sample: 220212-al9jhsdhh8
MD5: ccf487ed8c286c55d6f8d020c370aab0
SHA1: 870f3e8f3e483dd05eb68d1654d20066b168a1e4
SHA256: 8a69cde551f65d84d88af5c0c65a4ad9ae590a130e8a6d491f9263d328fe9ee5
SHA512: e7507abe1554515077ec19f98da5886eab98d59b4fa88b31b5aaf2f258493f0a97b8448e7b77e5aa5872afcf8a86d64c6a05f7f9a8942765fca0c00ed864fbc6
Static task: static1
Behavioral task: behavioral1
Sample: 8a69cde551f65d84d88af5c0c65a4ad9ae590a130e8a6d491f9263d328fe9ee5.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
auth_value: 44e87155dd7a4d1957a956ed040ff3fd
Targets
Target: 8a69cde551f65d84d88af5c0c65a4ad9ae590a130e8a6d491f9263d328fe9ee5
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.