General
-
Target
059b3496851ba1a92fe8005f9f5d764917895f8ffc4780e3d2721daf377e02e9
-
Size
252KB
-
Sample
211106-agj33aacen
-
MD5
f88b6b23fc39e0e445172415bcb4d293
-
SHA1
13199416888bbb2c7b6c50310848645f8ac12db6
-
SHA256
059b3496851ba1a92fe8005f9f5d764917895f8ffc4780e3d2721daf377e02e9
-
SHA512
64a5b2f83f368875b70e4eaf6b1ea9ea21dedbf15942e4de9f843de3f7350c6c17f847a87da523686c2bb86a1a5bac6999c3e68c2dce58d09b0f910626266ba4
Malware Config
Extracted
redline
SomeBody
185.215.113.29:36224
Targets
-
-
Target
059b3496851ba1a92fe8005f9f5d764917895f8ffc4780e3d2721daf377e02e9
-
Size
252KB
-
MD5
f88b6b23fc39e0e445172415bcb4d293
-
SHA1
13199416888bbb2c7b6c50310848645f8ac12db6
-
SHA256
059b3496851ba1a92fe8005f9f5d764917895f8ffc4780e3d2721daf377e02e9
-
SHA512
64a5b2f83f368875b70e4eaf6b1ea9ea21dedbf15942e4de9f843de3f7350c6c17f847a87da523686c2bb86a1a5bac6999c3e68c2dce58d09b0f910626266ba4
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-