General
-
Target
c8b18812a46d48dce7c483a9bdee831108abde3da7c618d084cf8b70cc4fada8
-
Size
359KB
-
Sample
211103-nff7nsdfc9
-
MD5
00262b7099fdf538b7481a1eb96f1a26
-
SHA1
531ab41c968d6548e31958ccbe4b28423b398b71
-
SHA256
c8b18812a46d48dce7c483a9bdee831108abde3da7c618d084cf8b70cc4fada8
-
SHA512
8ede8c6dd73a69032e9bf9bdebb0d118796aff1aa40d7487ab6b20a9880147b91d140cd12bebd454d98e66fa307ee2cb27636e2034d979a7645f3b8eaf9e08c5
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
-
-
Target
c8b18812a46d48dce7c483a9bdee831108abde3da7c618d084cf8b70cc4fada8
-
Size
359KB
-
MD5
00262b7099fdf538b7481a1eb96f1a26
-
SHA1
531ab41c968d6548e31958ccbe4b28423b398b71
-
SHA256
c8b18812a46d48dce7c483a9bdee831108abde3da7c618d084cf8b70cc4fada8
-
SHA512
8ede8c6dd73a69032e9bf9bdebb0d118796aff1aa40d7487ab6b20a9880147b91d140cd12bebd454d98e66fa307ee2cb27636e2034d979a7645f3b8eaf9e08c5
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-