General
-
Target
3c31ae6971cec7867593676ed7a246d3bb239fdd955323ed4b496f107397da4d
-
Size
465KB
-
Sample
220213-gye9rsgehr
-
MD5
b0fe575bebe0bd646f018a0f232c0372
-
SHA1
aacdb918bc5fb85d10a0838490b659f95f700bcb
-
SHA256
3c31ae6971cec7867593676ed7a246d3bb239fdd955323ed4b496f107397da4d
-
SHA512
6417bf991419b88124aee82441847ff799eef7d2e436018c5add4a5f60491f30cab69fb3e7ad76f638c73575777a98acfab421b87269c20e3032b5c518e2d6d5
Static task
static1
Behavioral task
behavioral1
Sample
3c31ae6971cec7867593676ed7a246d3bb239fdd955323ed4b496f107397da4d.exe
Resource
win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
-
auth_value
44e87155dd7a4d1957a956ed040ff3fd
Targets
Target
3c31ae6971cec7867593676ed7a246d3bb239fdd955323ed4b496f107397da4d
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-