General
Target
8c3c93b58dc126a79797da2ef41ce7cb82f56d3b534ff821229bee57a7dcf12d
Size
371KB
Sample
220213-a6rjfafagp
MD5
fea31a8b1fd7adae773392e8486a3554
SHA1
cf1f593cdc07ab3f8301d1071c4d10dae04e5511
SHA256
8c3c93b58dc126a79797da2ef41ce7cb82f56d3b534ff821229bee57a7dcf12d
SHA512
1113bab210499204732e8414fe5d0328aefa7f26b8af21fc98134c642f621cafd8c245d7b7684f63995f1db10923c9a81fc6dbbd7f2cf789a5d5ab64ce3657ec
Static task
static1
Behavioral task
behavioral1
Sample
8c3c93b58dc126a79797da2ef41ce7cb82f56d3b534ff821229bee57a7dcf12d.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
auth_value
44e87155dd7a4d1957a956ed040ff3fd
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.