General
-
Target
72ea1b52a221d61a11246755b66942e5722219c41ef4ead2f93d28902937678c
-
Size
414KB
-
Sample
211105-jjxavagadn
-
MD5
5367a7cb752853df2306eaef10b0eb64
-
SHA1
061b5e76b1fbdd297ef4a9a92b95dd0522858163
-
SHA256
72ea1b52a221d61a11246755b66942e5722219c41ef4ead2f93d28902937678c
-
SHA512
5b29e73bb6323113e1a16c7bd94aa5fd3a0b7fe15ae2b6216658b76638ee927e12f427892fbab8fd9c75421e1abd7ca6699be634fc7e6e9944489840b34b2b23
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
-
-
Target
72ea1b52a221d61a11246755b66942e5722219c41ef4ead2f93d28902937678c
-
Size
414KB
-
MD5
5367a7cb752853df2306eaef10b0eb64
-
SHA1
061b5e76b1fbdd297ef4a9a92b95dd0522858163
-
SHA256
72ea1b52a221d61a11246755b66942e5722219c41ef4ead2f93d28902937678c
-
SHA512
5b29e73bb6323113e1a16c7bd94aa5fd3a0b7fe15ae2b6216658b76638ee927e12f427892fbab8fd9c75421e1abd7ca6699be634fc7e6e9944489840b34b2b23
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-