General
Target: 2e1ce5f06ef45fa6611ad42f54e29830c396c697adbf3013e70d4bde36e31051
Size: 440KB
Sample: 220213-m9gjvsbben
MD5: aa3ff9c17a3bcba16cb8a5fb19acfe29
SHA1: 364703e2a5e38fe4430e4896de1f8f4c62a2834f
SHA256: 2e1ce5f06ef45fa6611ad42f54e29830c396c697adbf3013e70d4bde36e31051
SHA512: 38a1846b9f14975b2d7172b8b8d64e5fb055f75d71323154a6dcc5926bc249009dafd4aa58015d0c04b73f391974312f7f48d2afd01a58318956d01bf6eccac0
Static task
static1
Malware Config
Extracted
redline
noname
185.215.113.29:20819
auth_value: ee92d883673b7156fdd66cac5fc8d2d0
Targets
Target: 2e1ce5f06ef45fa6611ad42f54e29830c396c697adbf3013e70d4bde36e31051
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.