General
Target: a2b5ba53fad74eeda6387140ac12165ca29640a9de025d8a033987cd18f7df13
Size: 384KB
Sample: 220212-v9zpfaeggl
MD5: 7666c185a50e96959644efb9e456dd28
SHA1: 58aff27a493a30877a93d75e14a085b28927b1e5
SHA256: a2b5ba53fad74eeda6387140ac12165ca29640a9de025d8a033987cd18f7df13
SHA512: 4a9758f4c86f656a8005f605a81b1418b69154cbc298effce6bdca067e3854221dd64844b7bbc7e8bf95665cc16510204d80d9509f253eb81dd12dc69ae114c8
Static task: static1
Malware Config
Extracted
redline
noname
185.215.113.29:20819
auth_value: ee92d883673b7156fdd66cac5fc8d2d0
Targets
Target: a2b5ba53fad74eeda6387140ac12165ca29640a9de025d8a033987cd18f7df13
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.