General
-
Target
bbd1885d6a388cb3fceb097f5c297483a424904ca198a0a9e36f548be2441777
-
Size
376KB
-
Sample
220122-lgwbwaadf2
-
MD5
4b6c89d96399a363494357ba68acd82a
-
SHA1
8a3b354093d8d0513d50fd4be372483befbb2620
-
SHA256
bbd1885d6a388cb3fceb097f5c297483a424904ca198a0a9e36f548be2441777
-
SHA512
7f3002d0153542734cfa8773927fe3deacc5fa4e1030784cea5c2bbccc1d167dbbdbd81f2002014f1b41663df5ecb6204251deb318d3ce9caa4b38fb49aeed79
Malware Config
Extracted
redline
NONAME
45.9.20.111:1355
Targets
-
-
Target
bbd1885d6a388cb3fceb097f5c297483a424904ca198a0a9e36f548be2441777
-
Size
376KB
-
MD5
4b6c89d96399a363494357ba68acd82a
-
SHA1
8a3b354093d8d0513d50fd4be372483befbb2620
-
SHA256
bbd1885d6a388cb3fceb097f5c297483a424904ca198a0a9e36f548be2441777
-
SHA512
7f3002d0153542734cfa8773927fe3deacc5fa4e1030784cea5c2bbccc1d167dbbdbd81f2002014f1b41663df5ecb6204251deb318d3ce9caa4b38fb49aeed79
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-