General
-
Target
d145a2714e9f6a901e0c03212bc364a6
-
Size
543KB
-
Sample
220126-rjg5xseaf6
-
MD5
d145a2714e9f6a901e0c03212bc364a6
-
SHA1
f14cff1b83baafd35f3df634016082439255d60d
-
SHA256
72d6c13caf04858e548d6203509d3449d70782d7d21e3d6b173ec810ec609553
-
SHA512
6b91ca8be7cf920e9ba75f1c2e476fb29c853870afe14ca2488b8f505c5ed8679b5542f73ea8af86669bb7938e89b179075a27878a48b646ac46ee3afe3b7788
Malware Config
Targets
-
-
Target
d145a2714e9f6a901e0c03212bc364a6
-
Size
543KB
-
MD5
d145a2714e9f6a901e0c03212bc364a6
-
SHA1
f14cff1b83baafd35f3df634016082439255d60d
-
SHA256
72d6c13caf04858e548d6203509d3449d70782d7d21e3d6b173ec810ec609553
-
SHA512
6b91ca8be7cf920e9ba75f1c2e476fb29c853870afe14ca2488b8f505c5ed8679b5542f73ea8af86669bb7938e89b179075a27878a48b646ac46ee3afe3b7788
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-