General
-
Target
3c461ba3a50f03d9fc1bf32598a07ee00b00e350f99d91e3a38031d54f732fe7
-
Size
239KB
-
Sample
211104-a1d16afef2
-
MD5
759239d79e70c62c8246d32734cb329d
-
SHA1
100217c03c2fee3d7e522e99fd0f5dae868c0bb8
-
SHA256
3c461ba3a50f03d9fc1bf32598a07ee00b00e350f99d91e3a38031d54f732fe7
-
SHA512
64229d471bcacd0904daaf4c68410fe5afc8e77de2454fe368e08d1e7c1d4ba10fdead829dad6ec19e060b60d05c1065c17995890da7e28b17509f83a3441963
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
-
-
Target
3c461ba3a50f03d9fc1bf32598a07ee00b00e350f99d91e3a38031d54f732fe7
-
Size
239KB
-
MD5
759239d79e70c62c8246d32734cb329d
-
SHA1
100217c03c2fee3d7e522e99fd0f5dae868c0bb8
-
SHA256
3c461ba3a50f03d9fc1bf32598a07ee00b00e350f99d91e3a38031d54f732fe7
-
SHA512
64229d471bcacd0904daaf4c68410fe5afc8e77de2454fe368e08d1e7c1d4ba10fdead829dad6ec19e060b60d05c1065c17995890da7e28b17509f83a3441963
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-