General
-
Target
dfe5eae61d6cbb959899ea6894a89e817c858af3609eb2326204cd72db93f145
-
Size
440KB
-
Sample
220121-mp13rsehhn
-
MD5
cb56664e144e39f26a47a705e0b0c5aa
-
SHA1
c565d72a073af1e356247434e763884c120c5067
-
SHA256
dfe5eae61d6cbb959899ea6894a89e817c858af3609eb2326204cd72db93f145
-
SHA512
a90d7034e37b3544f8ff6163094ea88c1c02b5cfc3078460c67183ad54fd7a6a4150237be53b5b78e088e3ad9f9bcda1966013cbf58dc60b77f5e5f87124a9ab
Malware Config
Extracted
redline
NONAME
45.9.20.111:1355
Targets
-
-
Target
dfe5eae61d6cbb959899ea6894a89e817c858af3609eb2326204cd72db93f145
-
Size
440KB
-
MD5
cb56664e144e39f26a47a705e0b0c5aa
-
SHA1
c565d72a073af1e356247434e763884c120c5067
-
SHA256
dfe5eae61d6cbb959899ea6894a89e817c858af3609eb2326204cd72db93f145
-
SHA512
a90d7034e37b3544f8ff6163094ea88c1c02b5cfc3078460c67183ad54fd7a6a4150237be53b5b78e088e3ad9f9bcda1966013cbf58dc60b77f5e5f87124a9ab
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-