General
-
Target
5f1f78b0cc68363fad3d9ba925a1b260a9cf91e49a6ec28940632c7b9f30fa9a
-
Size
441KB
-
Sample
220117-rtwq3aafd5
-
MD5
325ab5dbc49329bb0f994df596874c45
-
SHA1
2a168386be7c32c1a433a5cd5239bb73d58dcee2
-
SHA256
5f1f78b0cc68363fad3d9ba925a1b260a9cf91e49a6ec28940632c7b9f30fa9a
-
SHA512
1c68e3e005e3ba5c771a5b8108334d2dacaa393225c5b3b05dffc6b80e8458f91c90298145241c2550e152e75b09d8959c0bc74759eff0fe9d9542cc3aa327f4
Malware Config
Extracted
redline
noname
185.215.113.29:34865
Targets
-
-
Target
5f1f78b0cc68363fad3d9ba925a1b260a9cf91e49a6ec28940632c7b9f30fa9a
-
Size
441KB
-
MD5
325ab5dbc49329bb0f994df596874c45
-
SHA1
2a168386be7c32c1a433a5cd5239bb73d58dcee2
-
SHA256
5f1f78b0cc68363fad3d9ba925a1b260a9cf91e49a6ec28940632c7b9f30fa9a
-
SHA512
1c68e3e005e3ba5c771a5b8108334d2dacaa393225c5b3b05dffc6b80e8458f91c90298145241c2550e152e75b09d8959c0bc74759eff0fe9d9542cc3aa327f4
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-