General
-
Target
538abf878d2d36b671a833f27c8f9ff91fd70d616d3a4d942f7747da0ded3d3b
-
Size
428KB
-
Sample
220115-e2agkschap
-
MD5
be2c85cbfd4ce224ff295e3999644fb6
-
SHA1
5baeb254e964b0f4776b12f64d17f1bd68ef0f7f
-
SHA256
538abf878d2d36b671a833f27c8f9ff91fd70d616d3a4d942f7747da0ded3d3b
-
SHA512
b504021c2ec31286fddbbfa9845243e5761373e5a901bd01a32678dfd5128f7148d68c625d166ed5749002c3853650b3e11023b1f1639434582e945a2c0e1d10
Malware Config
Extracted
redline
noname
185.215.113.29:34865
Targets
-
-
Target
538abf878d2d36b671a833f27c8f9ff91fd70d616d3a4d942f7747da0ded3d3b
-
Size
428KB
-
MD5
be2c85cbfd4ce224ff295e3999644fb6
-
SHA1
5baeb254e964b0f4776b12f64d17f1bd68ef0f7f
-
SHA256
538abf878d2d36b671a833f27c8f9ff91fd70d616d3a4d942f7747da0ded3d3b
-
SHA512
b504021c2ec31286fddbbfa9845243e5761373e5a901bd01a32678dfd5128f7148d68c625d166ed5749002c3853650b3e11023b1f1639434582e945a2c0e1d10
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-