General
-
Target
d8af10111b6e179d3a7e94d6d48572d4efc1bcb999cd06a5f648fd35bce72424
-
Size
363KB
-
Sample
211103-p8sa3sbacr
-
MD5
287a3b254f286a4f058881606491e304
-
SHA1
b923a464993766a8cf617397b0f2635a9bea269d
-
SHA256
d8af10111b6e179d3a7e94d6d48572d4efc1bcb999cd06a5f648fd35bce72424
-
SHA512
5757e5ae3b7a6dafce3d75e2cb11e680bf002de2cf5dfcb3b5d21c4be6b4eede48a5aa8df1d18bd349f74c01bd7e25efc7450fe324fed251cefe8d9d6f0c00c0
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
-
-
Target
d8af10111b6e179d3a7e94d6d48572d4efc1bcb999cd06a5f648fd35bce72424
-
Size
363KB
-
MD5
287a3b254f286a4f058881606491e304
-
SHA1
b923a464993766a8cf617397b0f2635a9bea269d
-
SHA256
d8af10111b6e179d3a7e94d6d48572d4efc1bcb999cd06a5f648fd35bce72424
-
SHA512
5757e5ae3b7a6dafce3d75e2cb11e680bf002de2cf5dfcb3b5d21c4be6b4eede48a5aa8df1d18bd349f74c01bd7e25efc7450fe324fed251cefe8d9d6f0c00c0
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-