General
-
Target
5ad8f54317b538af5d785e120e38e869fb260e3cd014707c363b9ed57225095b
-
Size
414KB
-
Sample
211105-fj44xaaeg5
-
MD5
0a719b35c850db66683bbb116b1469d8
-
SHA1
8fd4b1353360088c0ff4d813a5e6e9320f3affb1
-
SHA256
5ad8f54317b538af5d785e120e38e869fb260e3cd014707c363b9ed57225095b
-
SHA512
603b8d76b245a85f0c72cb52dc7815fde9ebd244f2e11f0be73563c88679a578a8c8520f6cd68d7a8e895b29013568c87ff24cc246f3cdfeac475ee618d5bbef
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
-
-
Target
5ad8f54317b538af5d785e120e38e869fb260e3cd014707c363b9ed57225095b
-
Size
414KB
-
MD5
0a719b35c850db66683bbb116b1469d8
-
SHA1
8fd4b1353360088c0ff4d813a5e6e9320f3affb1
-
SHA256
5ad8f54317b538af5d785e120e38e869fb260e3cd014707c363b9ed57225095b
-
SHA512
603b8d76b245a85f0c72cb52dc7815fde9ebd244f2e11f0be73563c88679a578a8c8520f6cd68d7a8e895b29013568c87ff24cc246f3cdfeac475ee618d5bbef
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-