General
-
Target
21c15187a04d8825b6d5e13e81fc5ee8943bb6cbc55d83ed3daf5a1bfd3cdf30
-
Size
362KB
-
Sample
211103-xnmtvsedh2
-
MD5
63835e600b5166ba811938460bedfb72
-
SHA1
8b387e325c910bed83b368fa343c2ea56018a483
-
SHA256
21c15187a04d8825b6d5e13e81fc5ee8943bb6cbc55d83ed3daf5a1bfd3cdf30
-
SHA512
d9b4dc17b6e4d0e300a788c6f5d11cccbd032fe90c47ac754b710148d5e2423d6a6783f987d4f851f18ec73159a28896681b0bec347364e63c191c8cfb415fbf
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
-
-
Target
21c15187a04d8825b6d5e13e81fc5ee8943bb6cbc55d83ed3daf5a1bfd3cdf30
-
Size
362KB
-
MD5
63835e600b5166ba811938460bedfb72
-
SHA1
8b387e325c910bed83b368fa343c2ea56018a483
-
SHA256
21c15187a04d8825b6d5e13e81fc5ee8943bb6cbc55d83ed3daf5a1bfd3cdf30
-
SHA512
d9b4dc17b6e4d0e300a788c6f5d11cccbd032fe90c47ac754b710148d5e2423d6a6783f987d4f851f18ec73159a28896681b0bec347364e63c191c8cfb415fbf
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-