General
Target: 7a76768316269c0f17dc1e76d3298019493646a73b9f9b2e5b181723654ca44c
Size: 385KB
Sample: 220212-cvsngaehe8
MD5: 8a7e123deaf0f5d564ddbb6e470c91d3
SHA1: b3dea5a2f8229bfba3a115bba0bdd050698cae3b
SHA256: 7a76768316269c0f17dc1e76d3298019493646a73b9f9b2e5b181723654ca44c
SHA512: 1f736a32e449b4e259cd93733272930225b1bf7a6fc6eda3130291b5074ee29fb9655d939865ef3cadd7ff23bad27cd102a5633900325c987340a3c8d0a37c94
Static task: static1
Behavioral task: behavioral1
Sample: 7a76768316269c0f17dc1e76d3298019493646a73b9f9b2e5b181723654ca44c.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
auth_value: 44e87155dd7a4d1957a956ed040ff3fd
Targets
Target: 7a76768316269c0f17dc1e76d3298019493646a73b9f9b2e5b181723654ca44c
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.