General

Target: ef35bf4a66ed2af647a5dffe42c3c1324f649419c7e5f36df12cd1a0d24d5087
Size: 384KB
Sample: 220212-xk6skaehbn
MD5: 5a3daf8e7fa20592a10131e12f61d5a6
SHA1: 8ed5b6765b31caaefd87709ab1281bf27638e4fb
SHA256: ef35bf4a66ed2af647a5dffe42c3c1324f649419c7e5f36df12cd1a0d24d5087
SHA512: b3ffccb1ccbe7e4c97902f1377cf5f20f0654b1a1f397c3b04f74d3921ab11c9eb96363de7884f39a649baa77c3b4e39ac670e1efcd2b7f9c3baba54627bf266

Static task: static1
Behavioral task: behavioral1
Sample: ef35bf4a66ed2af647a5dffe42c3c1324f649419c7e5f36df12cd1a0d24d5087.exe
Resource: win10-en-20211208
Malware Config

Extracted
Family: redline
Botnet: ruzkiKAKOYTO
C2: 185.215.113.29:20819
auth_value: 44e87155dd7a4d1957a956ed040ff3fd
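The extracted configuration and the file hashes above are the indicators a defender actually pivots on. The following Python is an added example (not part of the sandbox report and not the sample's code) that turns them into a small IOC matcher: it classifies constructed Zeek-style conn.log rows against the C2 host and port, and matches an asset inventory of file hashes against the report's MD5/SHA1/SHA256. The log rows, file paths and the decoy file are constructed for illustration; only the indicator values are taken from the report.

```python
"""IOC matcher built from the Triage extraction above.

Added example: indicators are copied from the report; the conn.log rows and the
file inventory below are constructed test data, not observations from the sandbox.
"""
import hashlib

# Indicators from the report's General / Malware Config sections.
SAMPLE_HASHES = {
    "md5": "5a3daf8e7fa20592a10131e12f61d5a6",
    "sha1": "8ed5b6765b31caaefd87709ab1281bf27638e4fb",
    "sha256": "ef35bf4a66ed2af647a5dffe42c3c1324f649419c7e5f36df12cd1a0d24d5087",
}
C2_HOST = "185.215.113.29"
C2_PORT = 20819

# Constructed Zeek-style conn.log rows, tab separated:
# ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto
SAMPLE_CONN_LOG = """\
1644672001.101\tC1a\t10.0.0.5\t49712\t185.215.113.29\t20819\ttcp
1644672002.202\tC2b\t10.0.0.5\t49713\t93.184.216.34\t443\ttcp
1644672003.303\tC3c\t10.0.0.7\t51000\t185.215.113.29\t443\ttcp
1644672004.404\tC4d\t10.0.0.9\t51001\t185.215.113.29\t20819\tudp
"""


def parse_conn_log(text):
    """Parse conn.log rows into dicts; blank lines and '#' header lines are skipped."""
    rows = []
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        ts, uid, orig_h, orig_p, resp_h, resp_p, proto = line.split("\t")
        rows.append({"ts": float(ts), "uid": uid, "orig_h": orig_h, "orig_p": int(orig_p),
                     "resp_h": resp_h, "resp_p": int(resp_p), "proto": proto})
    return rows


def classify_connection(row):
    """'c2' for an exact TCP IP:port match; 'c2_host' for any other traffic to the same
    address (same infrastructure, lower confidence); None when the row is unrelated."""
    if row["resp_h"] != C2_HOST:
        return None
    if row["resp_p"] == C2_PORT and row["proto"] == "tcp":
        return "c2"
    return "c2_host"


def match_c2_connections(text):
    """Return (uid, source host, verdict) for every row that touches the C2 indicator."""
    hits = []
    for row in parse_conn_log(text):
        verdict = classify_connection(row)
        if verdict:
            hits.append((row["uid"], row["orig_h"], verdict))
    return hits


def match_file_hashes(inventory):
    """inventory: {path: {algorithm: hexdigest}} as exported from an EDR or asset tool.
    Algorithm names and hex digits are compared case-insensitively; the first matching
    algorithm per path is reported so mixed exports (MD5-only, SHA256-only) still match."""
    hits = {}
    for path, digests_for_path in inventory.items():
        for algo, value in digests_for_path.items():
            known = SAMPLE_HASHES.get(algo.lower())
            if known and value.strip().lower() == known:
                hits[path] = algo.lower()
                break
    return hits


def digests(data):
    """Compute the three report hashes for a blob so fresh files can be fed to match_file_hashes."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in ("md5", "sha1", "sha256")}


# Constructed inventory: one SHA256-only record in upper case, one MD5-only record,
# and a decoy whose hashes are computed from made-up content so it must not match.
SAMPLE_INVENTORY = {
    r"C:\Users\victim\Downloads\setup.exe": {"SHA256": SAMPLE_HASHES["sha256"].upper()},
    r"C:\Users\victim\AppData\Local\Temp\x.exe": {"md5": "5a3daf8e7fa20592a10131e12f61d5a6"},
    r"C:\Windows\System32\notepad.exe": digests(b"constructed decoy, not the sample"),
}

if __name__ == "__main__":
    for uid, src, verdict in match_c2_connections(SAMPLE_CONN_LOG):
        print(f"{uid}\t{src}\t{verdict}")
    for path, algo in match_file_hashes(SAMPLE_INVENTORY).items():
        print(f"{path}\tmatched on {algo}")
```

The split between `c2` and `c2_host` is deliberate: stealer operators move ports far more often than addresses, so a connection to 185.215.113.29 on another port is still worth a ticket, just with lower confidence than the exact port seen in this extraction.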
Targets

Target: ef35bf4a66ed2af647a5dffe42c3c1324f649419c7e5f36df12cd1a0d24d5087 (384KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up entries under the registry's ...\Microsoft\Windows\CurrentVersion\Uninstall key to enumerate installed software. This is a read-only registry query, so it leaves no Sysmon registry event (those cover key creation, value writes and renames); the behaviour is visible only through API tracing in the sandbox or an EDR that hooks registry reads.