General
Target: b9aa61846e9d50ff33c90a39774e279c0be758bac554c5d3ac790292b04a20ec
Size: 465KB
Sample: 220213-c8nxfafbcp
MD5: 939254f31dde6a19f4274f878be72f3a
SHA1: fae0abafaef0fd4c72e9a548b1c4a80b230a4b05
SHA256: b9aa61846e9d50ff33c90a39774e279c0be758bac554c5d3ac790292b04a20ec
SHA512: f7595b30332a5a9b5a88a74f849ef27a106d6ef32bfa7141b29978e4db9459d89e8a6e955c9b6a01c3121f78143612f2208030cd620dc999ccb69c0f66bce632
Static task
static1
Malware Config
Extracted
redline
noname
185.215.113.29:20819
auth_value: ee92d883673b7156fdd66cac5fc8d2d0
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-