General
-
Target
ea0c8c8f4ae1cb9a60f8fe532d9effa61a8fcec8ca0ca8b231fa73f2d5408c3c
-
Size
380KB
-
Sample
220127-k1y2faacdq
-
MD5
3490d8c4ddf715b103e851fff227c3eb
-
SHA1
6e456f5f062801c8a4130a94c21e2126b12fe033
-
SHA256
ea0c8c8f4ae1cb9a60f8fe532d9effa61a8fcec8ca0ca8b231fa73f2d5408c3c
-
SHA512
fa9421f9dc37773c8f0dc1592a6db4eee1b85d931c7aaf84e98a3c68f9ba76e84bdd394758ba1654d076b5bd9b84ff203ddbafdfe6c60eb14e370adc26fd64f6
Malware Config
Extracted
redline
noname
185.215.113.29:20819
Targets
-
-
Target
ea0c8c8f4ae1cb9a60f8fe532d9effa61a8fcec8ca0ca8b231fa73f2d5408c3c
-
Size
380KB
-
MD5
3490d8c4ddf715b103e851fff227c3eb
-
SHA1
6e456f5f062801c8a4130a94c21e2126b12fe033
-
SHA256
ea0c8c8f4ae1cb9a60f8fe532d9effa61a8fcec8ca0ca8b231fa73f2d5408c3c
-
SHA512
fa9421f9dc37773c8f0dc1592a6db4eee1b85d931c7aaf84e98a3c68f9ba76e84bdd394758ba1654d076b5bd9b84ff203ddbafdfe6c60eb14e370adc26fd64f6
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-