General
-
Target
00a9275dd93ce464406eaac81a05d9bbed2b105a1d5ca60949a70a01b73a7983
-
Size
377KB
-
Sample
220123-d66j5seee3
-
MD5
0ca2853a09f766aa6478bef6e10c5b4c
-
SHA1
89ec353aa657c92f706a855cd30fdcafdbdff271
-
SHA256
00a9275dd93ce464406eaac81a05d9bbed2b105a1d5ca60949a70a01b73a7983
-
SHA512
8c01a21ad743512b03be3ef53608ca476c7d73e44b56be69ed4475b41e8a261ca0b30551a8734a1efb80d6ce76f4971ebded5e799b59dec6788e2f4108c44bce
Malware Config
Extracted
redline
NONAME
45.9.20.111:1355
Targets
-
-
Target
00a9275dd93ce464406eaac81a05d9bbed2b105a1d5ca60949a70a01b73a7983
-
Size
377KB
-
MD5
0ca2853a09f766aa6478bef6e10c5b4c
-
SHA1
89ec353aa657c92f706a855cd30fdcafdbdff271
-
SHA256
00a9275dd93ce464406eaac81a05d9bbed2b105a1d5ca60949a70a01b73a7983
-
SHA512
8c01a21ad743512b03be3ef53608ca476c7d73e44b56be69ed4475b41e8a261ca0b30551a8734a1efb80d6ce76f4971ebded5e799b59dec6788e2f4108c44bce
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-