General
-
Target
7294fdb149c248e7e57d482d3e469169b4a8eb61e3395b80917f2f42d6b0ca5a
-
Size
366KB
-
Sample
211015-rdeslsbad9
-
MD5
54297f53806d835d43fb0ed770d4619f
-
SHA1
4be9496c88467d072ba3ef3d15607ef566e92862
-
SHA256
7294fdb149c248e7e57d482d3e469169b4a8eb61e3395b80917f2f42d6b0ca5a
-
SHA512
55f24e8afb5d32f064f96fe1214d64166690b4d8a7504b799dcf00bfbd90088715f40f3a4435cd650644873ce4b49ece50166fcb9b4109029909107ee9ec408a
Malware Config
Extracted
redline
sewPalp
185.215.113.29:24645
Targets
-
-
Target
7294fdb149c248e7e57d482d3e469169b4a8eb61e3395b80917f2f42d6b0ca5a
-
Size
366KB
-
MD5
54297f53806d835d43fb0ed770d4619f
-
SHA1
4be9496c88467d072ba3ef3d15607ef566e92862
-
SHA256
7294fdb149c248e7e57d482d3e469169b4a8eb61e3395b80917f2f42d6b0ca5a
-
SHA512
55f24e8afb5d32f064f96fe1214d64166690b4d8a7504b799dcf00bfbd90088715f40f3a4435cd650644873ce4b49ece50166fcb9b4109029909107ee9ec408a
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-