General
Target: b1dc17e988d0494ae923cfb165cb8a0c46cfafc1d9f755aa6bb25d1851767071
Size: 469KB
Sample: 220213-lpd3kaadfr
MD5: fb6dc2250869b2228475ea717c8dc158
SHA1: 8d325956e5e09a74d4bed7c28381bc88ca7d3955
SHA256: b1dc17e988d0494ae923cfb165cb8a0c46cfafc1d9f755aa6bb25d1851767071
SHA512: db2fe715a06dccef76ece8b5765888addce185b6cad97a92714a7c767d5b5e1cabf68214a955adab915b89a2f725e73eaf53ab395f4188ad6199bd5aceeb6933
Static task: static1
Behavioral task: behavioral1
Sample: b1dc17e988d0494ae923cfb165cb8a0c46cfafc1d9f755aa6bb25d1851767071.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
auth_value: 44e87155dd7a4d1957a956ed040ff3fd
Targets
Target: b1dc17e988d0494ae923cfb165cb8a0c46cfafc1d9f755aa6bb25d1851767071
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.