General
-
Target
69e70773fe88709369072158df3084f5fefbdfea42daac5f7bba22c235c670b5
-
Size
462KB
-
Sample
220128-27wnbsgcc9
-
MD5
59cf5111586354f17f1893d08883d94f
-
SHA1
1e2bd3ecd964a1ae5506b595837448e68d466c02
-
SHA256
69e70773fe88709369072158df3084f5fefbdfea42daac5f7bba22c235c670b5
-
SHA512
e64767a19bad4330964e51b4fe60df1fc35d2a2951bb25874c63e0bf0d76d8f21ca78dc0376f2b3a7ba8c47c7470a35c043260a16a9c858c7606bbccd419f556
Malware Config
Extracted
redline
ruzkiKAKOYTO
185.215.113.29:20819
Targets
-
-
Target
69e70773fe88709369072158df3084f5fefbdfea42daac5f7bba22c235c670b5
-
Size
462KB
-
MD5
59cf5111586354f17f1893d08883d94f
-
SHA1
1e2bd3ecd964a1ae5506b595837448e68d466c02
-
SHA256
69e70773fe88709369072158df3084f5fefbdfea42daac5f7bba22c235c670b5
-
SHA512
e64767a19bad4330964e51b4fe60df1fc35d2a2951bb25874c63e0bf0d76d8f21ca78dc0376f2b3a7ba8c47c7470a35c043260a16a9c858c7606bbccd419f556
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-