General
-
Target
148290dd3400d8d17f00e17afd8951a7fa7a7b19536188f9bda3d90b08974a82
-
Size
466KB
-
Sample
220126-zeg85aaea8
-
MD5
4b13368add09cdb4ba6c0f2e1f03d5ca
-
SHA1
031d76e04af23088b64bbc3715abc2f98e60de21
-
SHA256
148290dd3400d8d17f00e17afd8951a7fa7a7b19536188f9bda3d90b08974a82
-
SHA512
cf8775650364bb0067f741bcc8fce448998ac3adb29e9678d5f2b4ba77c30f56618dee3e0261370bb7f158845e947bc67201ac6ed65aa8040c44cbb5b6eb8be1
Malware Config
Extracted
redline
noname
185.215.113.29:20819
Targets
-
-
Target
148290dd3400d8d17f00e17afd8951a7fa7a7b19536188f9bda3d90b08974a82
-
Size
466KB
-
MD5
4b13368add09cdb4ba6c0f2e1f03d5ca
-
SHA1
031d76e04af23088b64bbc3715abc2f98e60de21
-
SHA256
148290dd3400d8d17f00e17afd8951a7fa7a7b19536188f9bda3d90b08974a82
-
SHA512
cf8775650364bb0067f741bcc8fce448998ac3adb29e9678d5f2b4ba77c30f56618dee3e0261370bb7f158845e947bc67201ac6ed65aa8040c44cbb5b6eb8be1
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-