General
-
Target
00177872d492ac1f2735c5e49be2834727ca0ad173ea339950351db892f583e9
-
Size
385KB
-
Sample
220212-ph2f3adhgl
-
MD5
e9859923f29b61acc9bff58696c03a1d
-
SHA1
5046ff77c87a036afa949eb947c85fc44c6e9160
-
SHA256
00177872d492ac1f2735c5e49be2834727ca0ad173ea339950351db892f583e9
-
SHA512
04b6169fca87c66308e99fb3dd9b5ea4dda4ed68838c4dee19a1b6883266d6b5cb1c5ba72ffe46a2b5fa288765df99a8ce0fb9107e6ab5b29a053996fe4d37cd
Static task
static1
Behavioral task
behavioral1
Sample
00177872d492ac1f2735c5e49be2834727ca0ad173ea339950351db892f583e9.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
-
auth_value
44e87155dd7a4d1957a956ed040ff3fd
Targets
Target
00177872d492ac1f2735c5e49be2834727ca0ad173ea339950351db892f583e9
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-