General
-
Target
217fb6cf79c59798a432b0dbb1b2f287.exe
-
Size
389KB
-
Sample
220124-gx86fsddgj
-
MD5
217fb6cf79c59798a432b0dbb1b2f287
-
SHA1
bfb545ce4e6383638195764002256f02c8d2a9e3
-
SHA256
5b3c59db7560ddf92f3480b42f7114dbd0d32d64364487b85f1cbb4156c5d9d8
-
SHA512
80a8c147628b053a3a2251e0ac8a99e02d6ed80ddbd4a7357ddfa43430e2e8c28e055d7033cd08c49212fce3f3efebf0496765f017453fbdbcc23eab8f2f50a1
Malware Config
Extracted
redline
NONAME
45.9.20.111:1355
Targets
-
-
Target
217fb6cf79c59798a432b0dbb1b2f287.exe
-
Size
389KB
-
MD5
217fb6cf79c59798a432b0dbb1b2f287
-
SHA1
bfb545ce4e6383638195764002256f02c8d2a9e3
-
SHA256
5b3c59db7560ddf92f3480b42f7114dbd0d32d64364487b85f1cbb4156c5d9d8
-
SHA512
80a8c147628b053a3a2251e0ac8a99e02d6ed80ddbd4a7357ddfa43430e2e8c28e055d7033cd08c49212fce3f3efebf0496765f017453fbdbcc23eab8f2f50a1
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-