General
-
Target
5d98497c5c1898b36f75cd63d5c70821c8f6e5d7fdff4417f9df5b2075093ab9
-
Size
411KB
-
Sample
211105-yycbjshhfn
-
MD5
fff9d33aec6d889cbcfe46ab53418241
-
SHA1
9bf5e2a449cc2aaa096e06e1adbf6975cb50171d
-
SHA256
5d98497c5c1898b36f75cd63d5c70821c8f6e5d7fdff4417f9df5b2075093ab9
-
SHA512
4ef5e35169f2cc807a6516e62684a6b2624a719a53354893bd221ae390ace7acf908f16cb79336dc828c38b64d3b15b8d488b0e18581133680e61e32cb7a2394
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
-
-
Target
5d98497c5c1898b36f75cd63d5c70821c8f6e5d7fdff4417f9df5b2075093ab9
-
Size
411KB
-
MD5
fff9d33aec6d889cbcfe46ab53418241
-
SHA1
9bf5e2a449cc2aaa096e06e1adbf6975cb50171d
-
SHA256
5d98497c5c1898b36f75cd63d5c70821c8f6e5d7fdff4417f9df5b2075093ab9
-
SHA512
4ef5e35169f2cc807a6516e62684a6b2624a719a53354893bd221ae390ace7acf908f16cb79336dc828c38b64d3b15b8d488b0e18581133680e61e32cb7a2394
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-