General
Target: 4cf571ee01adeb65e771faca68a4c06ecaaeeaa2951f3468a498895dc68138a0
Size: 440KB
Sample: 220213-rek11scehq
MD5: 87f7ad34a17409d72ee7dd69f78de7ce
SHA1: 322810254ead0bbfce5000ed9e99ddbe09a0f6a9
SHA256: 4cf571ee01adeb65e771faca68a4c06ecaaeeaa2951f3468a498895dc68138a0
SHA512: 6c02b3f77f91f859e1c8dbc990021c4a8aeb3a874b4dacfc7b922281f29e8742aa5620fb2c7997f1780140c47652894e05a979b25da6fe8b264ffa9cf5293ffe
Static task: static1
Behavioral task: behavioral1
Sample: 4cf571ee01adeb65e771faca68a4c06ecaaeeaa2951f3468a498895dc68138a0.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
auth_value: 44e87155dd7a4d1957a956ed040ff3fd
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.