General
Target: f6f9da2e5502881db46d389651e6829f9a52a43e8b46eea0798f65f54abda8ad
Size: 385KB
Sample: 220212-kfwqksbgaq
MD5: 5896cf5a47d3e64e20733218bb9d0d44
SHA1: 5ed629691a75677f2e2c8ce95787cb63f7d2a179
SHA256: f6f9da2e5502881db46d389651e6829f9a52a43e8b46eea0798f65f54abda8ad
SHA512: 2927f76f76da705cb3b3cb9849471ed4bbf15c0ba61cd0ce621e6f4eabdad8af15bddb30f95518d1e687f2eab54ce1546fc70d6aafc8e9582daf9b328dfaec8d
Static task: static1
Behavioral task: behavioral1
Sample: f6f9da2e5502881db46d389651e6829f9a52a43e8b46eea0798f65f54abda8ad.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
auth_value: 44e87155dd7a4d1957a956ed040ff3fd
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.