General
-
Target
b099c6008bc24fd7dffa5e7394fce38f7d08d2a793e62c626ae7a36bf619b879
-
Size
370KB
-
Sample
211015-v4htqsbbg9
-
MD5
6f554a95b841293eaa18e6067218d171
-
SHA1
62e2127fab2469f5aa1f01c43a57a81f43fe852e
-
SHA256
b099c6008bc24fd7dffa5e7394fce38f7d08d2a793e62c626ae7a36bf619b879
-
SHA512
f7a17fc57ed226d4f75d33a1e3c3ae8be55454f41a116b1efa136133c89e5c14371dccb71d98b79468fc655431d18b09a0e39233975ba5dbecbdad9563ae02ac
Malware Config
Extracted
redline
sewPalp
185.215.113.29:24645
Targets
-
-
Target
b099c6008bc24fd7dffa5e7394fce38f7d08d2a793e62c626ae7a36bf619b879
-
Size
370KB
-
MD5
6f554a95b841293eaa18e6067218d171
-
SHA1
62e2127fab2469f5aa1f01c43a57a81f43fe852e
-
SHA256
b099c6008bc24fd7dffa5e7394fce38f7d08d2a793e62c626ae7a36bf619b879
-
SHA512
f7a17fc57ed226d4f75d33a1e3c3ae8be55454f41a116b1efa136133c89e5c14371dccb71d98b79468fc655431d18b09a0e39233975ba5dbecbdad9563ae02ac
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-