General
-
Target
51afa20cef90c9a1371f5ba1c8d3793690f7bfc2d6d3344a29a847bee37ba388
-
Size
384KB
-
Sample
220212-wctmladab9
-
MD5
74640fd768fc7134a2b8ecf3182e6ca1
-
SHA1
1354728a938f75eb0df81a0f8fb3567a1fe8f69b
-
SHA256
51afa20cef90c9a1371f5ba1c8d3793690f7bfc2d6d3344a29a847bee37ba388
-
SHA512
31ea154b0d411764b52e0b33c01195120b285fa4b94d3f4402c6d89f703e165fa9d98c62b11269c5e6ef56cdbbd7485c117c063e9a2d731a92f1edd7f73f0e29
Static task
static1
Behavioral task
behavioral1
Sample
51afa20cef90c9a1371f5ba1c8d3793690f7bfc2d6d3344a29a847bee37ba388.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
-
auth_value
44e87155dd7a4d1957a956ed040ff3fd
Targets
-
-
Target
51afa20cef90c9a1371f5ba1c8d3793690f7bfc2d6d3344a29a847bee37ba388
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-