General
-
Target
d65b11abb4ee3da872e2e807169ba1a928fb2c920c5c3a5823f3317b55184f80
-
Size
390KB
-
Sample
220123-2bmqjsgdep
-
MD5
38863ccb69ff3c0ba428586f27868586
-
SHA1
644ac56d1c8885517cc2726a9be3dcac9e2962d6
-
SHA256
d65b11abb4ee3da872e2e807169ba1a928fb2c920c5c3a5823f3317b55184f80
-
SHA512
05631836dfdeba7e138e9b38b7c560c746fc7d4a13610741f7a963c65c1ba0e8fb3c1cffbe7c58361e5ce872fe9b164c110de14b0f8a169cae4f79dce0e67f6c
Malware Config
Extracted
redline
NONAME
45.9.20.111:1355
Targets
-
-
Target
d65b11abb4ee3da872e2e807169ba1a928fb2c920c5c3a5823f3317b55184f80
-
Size
390KB
-
MD5
38863ccb69ff3c0ba428586f27868586
-
SHA1
644ac56d1c8885517cc2726a9be3dcac9e2962d6
-
SHA256
d65b11abb4ee3da872e2e807169ba1a928fb2c920c5c3a5823f3317b55184f80
-
SHA512
05631836dfdeba7e138e9b38b7c560c746fc7d4a13610741f7a963c65c1ba0e8fb3c1cffbe7c58361e5ce872fe9b164c110de14b0f8a169cae4f79dce0e67f6c
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-