General
-
Target
a4289ca2a52be939946377a53f400f3797f47f7cb54e499c1468ef8fe4dc7bda
-
Size
337KB
-
Sample
220210-d8hk4adbbm
-
MD5
f75609c101108e13154b6b91b8de8f0a
-
SHA1
b56951755f879cd71a009d1ea3576198bb006e2f
-
SHA256
a4289ca2a52be939946377a53f400f3797f47f7cb54e499c1468ef8fe4dc7bda
-
SHA512
3925e9a865f7481b1594dedd5056982c0a8fbe2e605b3c2f31704f68826ffb53b93939000df4e109bb3cbf513ae39c93f7c907b3edc238d4d4137fd528b2dce8
Malware Config
Extracted
redline
noname
185.215.113.29:20819
Targets
-
-
Target
a4289ca2a52be939946377a53f400f3797f47f7cb54e499c1468ef8fe4dc7bda
-
Size
337KB
-
MD5
f75609c101108e13154b6b91b8de8f0a
-
SHA1
b56951755f879cd71a009d1ea3576198bb006e2f
-
SHA256
a4289ca2a52be939946377a53f400f3797f47f7cb54e499c1468ef8fe4dc7bda
-
SHA512
3925e9a865f7481b1594dedd5056982c0a8fbe2e605b3c2f31704f68826ffb53b93939000df4e109bb3cbf513ae39c93f7c907b3edc238d4d4137fd528b2dce8
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-