General
-
Target
SecuriteInfo.com.Trojan.GenericKD.36459959.22130.25929
-
Size
368KB
-
Sample
210307-lv3ht23zq6
-
MD5
4bf1d28524782e3de6d241c2bb625b5e
-
SHA1
6f4719a1b5b00b6047108fb7e98dbaf516dad610
-
SHA256
badb1739d819774ec20371577cb5435f40fd9943258fb3fbff14f078884c58e4
-
SHA512
3f4632b10650603567742b2574c066b304149900fcf6e47faeed44fa0775aef9b83c0a940bf9dc1ee0813e642a65bb90df85f6dc95da9da6c1f1d7b834cf111c
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Trojan.GenericKD.36459959.22130.25929
-
Size
368KB
-
MD5
4bf1d28524782e3de6d241c2bb625b5e
-
SHA1
6f4719a1b5b00b6047108fb7e98dbaf516dad610
-
SHA256
badb1739d819774ec20371577cb5435f40fd9943258fb3fbff14f078884c58e4
-
SHA512
3f4632b10650603567742b2574c066b304149900fcf6e47faeed44fa0775aef9b83c0a940bf9dc1ee0813e642a65bb90df85f6dc95da9da6c1f1d7b834cf111c
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-