General
-
Target
13750c275ef554ea0b8c4a75fff4ca9c15e367f4dc70816f1e6c0d5acc8b81e5
-
Size
363KB
-
Sample
211103-vcaztaece2
-
MD5
f70cc180e1519e27ca29ceb186109bd9
-
SHA1
95dee00f54932589836feacd038841a67f103378
-
SHA256
13750c275ef554ea0b8c4a75fff4ca9c15e367f4dc70816f1e6c0d5acc8b81e5
-
SHA512
c8823aafddcbd27abf5603827c6468f735a45dd9d8f23518fabb6a79702db643e0e2ef34702fd7331900bf84000c04433ac5a84919785d9ff7cb255bc8a61b7c
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
-
-
Target
13750c275ef554ea0b8c4a75fff4ca9c15e367f4dc70816f1e6c0d5acc8b81e5
-
Size
363KB
-
MD5
f70cc180e1519e27ca29ceb186109bd9
-
SHA1
95dee00f54932589836feacd038841a67f103378
-
SHA256
13750c275ef554ea0b8c4a75fff4ca9c15e367f4dc70816f1e6c0d5acc8b81e5
-
SHA512
c8823aafddcbd27abf5603827c6468f735a45dd9d8f23518fabb6a79702db643e0e2ef34702fd7331900bf84000c04433ac5a84919785d9ff7cb255bc8a61b7c
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-