General
-
Target
c2c452a7b49e1818e810bbc1182b6fa00ed888d7b3cf724e0e64fbb4c4990e3d
-
Size
410KB
-
Sample
211105-mepa8abda2
-
MD5
d3846bd6975dbfe531d69dab93b19f45
-
SHA1
4f5528bb930e1f0446ec9860c8f7fddfa2bb8a57
-
SHA256
c2c452a7b49e1818e810bbc1182b6fa00ed888d7b3cf724e0e64fbb4c4990e3d
-
SHA512
faaa2ac8cd499f77245c986c175709cead5e2fd8c65e6886bc0635bf89242160ff40cb6086b7887fc49eda53179e91fcb865a2930888930872039f6e39b226f4
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
-
-
Target
c2c452a7b49e1818e810bbc1182b6fa00ed888d7b3cf724e0e64fbb4c4990e3d
-
Size
410KB
-
MD5
d3846bd6975dbfe531d69dab93b19f45
-
SHA1
4f5528bb930e1f0446ec9860c8f7fddfa2bb8a57
-
SHA256
c2c452a7b49e1818e810bbc1182b6fa00ed888d7b3cf724e0e64fbb4c4990e3d
-
SHA512
faaa2ac8cd499f77245c986c175709cead5e2fd8c65e6886bc0635bf89242160ff40cb6086b7887fc49eda53179e91fcb865a2930888930872039f6e39b226f4
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-