General
-
Target
f8b705523e69074751c32a8297569b42af7d53ad4dc471d2243a9d586f60c41f
-
Size
378KB
-
Sample
220122-pvgbnabber
-
MD5
c788e2e5d44bccad10edfb3b7f975e9b
-
SHA1
b7a8a5dba8b9b4ad688363da2557154c3b78e4fd
-
SHA256
f8b705523e69074751c32a8297569b42af7d53ad4dc471d2243a9d586f60c41f
-
SHA512
b764c972221b13d47409773d9701f33b427eefba0ea5630776a6b18f181089bf9e7849c2c1f80fa08f93169f24fd5d7563cdfb3474d4972d81c4b0702f299769
Malware Config
Extracted
redline
NONAME
45.9.20.111:1355
Targets
-
-
Target
f8b705523e69074751c32a8297569b42af7d53ad4dc471d2243a9d586f60c41f
-
Size
378KB
-
MD5
c788e2e5d44bccad10edfb3b7f975e9b
-
SHA1
b7a8a5dba8b9b4ad688363da2557154c3b78e4fd
-
SHA256
f8b705523e69074751c32a8297569b42af7d53ad4dc471d2243a9d586f60c41f
-
SHA512
b764c972221b13d47409773d9701f33b427eefba0ea5630776a6b18f181089bf9e7849c2c1f80fa08f93169f24fd5d7563cdfb3474d4972d81c4b0702f299769
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-