General
-
Target
93fb26d3ff129f0f7ca19427a020a45331071eb4eb3027fecc5304ded960627b
-
Size
383KB
-
Sample
220209-xrrl8abdgp
-
MD5
214706ecd13b882b69b35c984cc1bc93
-
SHA1
ac3b63b829e006339ea7b91e43b5a310561272b8
-
SHA256
93fb26d3ff129f0f7ca19427a020a45331071eb4eb3027fecc5304ded960627b
-
SHA512
b79671b44eb394fa80e1a7cfac77d72b61579c82ff72079261ea65d6eda67586c128bb13f34c10b4891b7f0571d978f65b52081ff85fd28d52f029f80c9de106
Malware Config
Extracted
redline
noname
185.215.113.29:20819
Targets
-
-
Target
93fb26d3ff129f0f7ca19427a020a45331071eb4eb3027fecc5304ded960627b
-
Size
383KB
-
MD5
214706ecd13b882b69b35c984cc1bc93
-
SHA1
ac3b63b829e006339ea7b91e43b5a310561272b8
-
SHA256
93fb26d3ff129f0f7ca19427a020a45331071eb4eb3027fecc5304ded960627b
-
SHA512
b79671b44eb394fa80e1a7cfac77d72b61579c82ff72079261ea65d6eda67586c128bb13f34c10b4891b7f0571d978f65b52081ff85fd28d52f029f80c9de106
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-