General
Target: 9651b11d911a149d32c48b23f0f60c3d049122fbad1157d6f523de0025fd5165
Size: 441KB
Sample: 220213-xh7bbaddfr
MD5: b9c0a397dcc8250901a7d6ca91a7fcae
SHA1: ee60159c6f091757f13a6d176008b8cc8bc5659d
SHA256: 9651b11d911a149d32c48b23f0f60c3d049122fbad1157d6f523de0025fd5165
SHA512: 82f683aef5bcd35c1a18ea53c27c45af3766dc497db20f0c6c8a2cfba4233fbc3b89ae48d3df3f413c36cdc3f6f4388a97e6f84f4f6df9daf1d959e380978142
Static task: static1
Behavioral task: behavioral1
Sample: 9651b11d911a149d32c48b23f0f60c3d049122fbad1157d6f523de0025fd5165.exe
Resource: win10-en-20211208
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
auth_value: 44e87155dd7a4d1957a956ed040ff3fd
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.