General
-
Target
401e9c838d85a046e62427d861f3f80b27ada162c9c1196abe0912fb5961357a
-
Size
399KB
-
Sample
220130-skelvsdeh9
-
MD5
1f234363586656275db1aa4a4e398ad5
-
SHA1
af8a3b27632d99e0cc81afdbb440b9227b2c4b1c
-
SHA256
401e9c838d85a046e62427d861f3f80b27ada162c9c1196abe0912fb5961357a
-
SHA512
da34c6953074fd30e631138d2272cc8bb0481e18f80fbcc1dc3bd0a6a2db70192241460e5d03369b03f51393e3b364c9151694382df06b5e57eb1b100006c7f1
Malware Config
Extracted
redline
noname
185.215.113.29:20819
Targets
-
-
Target
401e9c838d85a046e62427d861f3f80b27ada162c9c1196abe0912fb5961357a
-
Size
399KB
-
MD5
1f234363586656275db1aa4a4e398ad5
-
SHA1
af8a3b27632d99e0cc81afdbb440b9227b2c4b1c
-
SHA256
401e9c838d85a046e62427d861f3f80b27ada162c9c1196abe0912fb5961357a
-
SHA512
da34c6953074fd30e631138d2272cc8bb0481e18f80fbcc1dc3bd0a6a2db70192241460e5d03369b03f51393e3b364c9151694382df06b5e57eb1b100006c7f1
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-