General
-
Target
19724b661cef850bada4fbdaf89f4c825cf4e66a26c9c23b53a21c897eec1db2
-
Size
413KB
-
Sample
211105-j8pbjagbcp
-
MD5
10ffbc50ee43f26ab2fd0f6ebabc8bff
-
SHA1
3d5b9d06756267514d21d9b62461dc35b80c880d
-
SHA256
19724b661cef850bada4fbdaf89f4c825cf4e66a26c9c23b53a21c897eec1db2
-
SHA512
8b04fe271ee88b2e1bb4aa7826af96d1273885524c8b7af0d98e6de3ea016dbd23bca30d3f6635908e4340ef187a8ff01c2dbef391d5273be3ce1b27d3cf05d9
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
-
-
Target
19724b661cef850bada4fbdaf89f4c825cf4e66a26c9c23b53a21c897eec1db2
-
Size
413KB
-
MD5
10ffbc50ee43f26ab2fd0f6ebabc8bff
-
SHA1
3d5b9d06756267514d21d9b62461dc35b80c880d
-
SHA256
19724b661cef850bada4fbdaf89f4c825cf4e66a26c9c23b53a21c897eec1db2
-
SHA512
8b04fe271ee88b2e1bb4aa7826af96d1273885524c8b7af0d98e6de3ea016dbd23bca30d3f6635908e4340ef187a8ff01c2dbef391d5273be3ce1b27d3cf05d9
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-