Description
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
MVPInstaller.exe
255KB
220429-qee94aaeg4
883eb374a6710283bab49bd840d911c7
29416739657f2d2b7a900dca6ddeda755852818e
24bde190edd5fda4b47d376abef29d385d655c11ccfdeb314ffced065675cad4
b2a159e495624cee478be7d3ff409c9d89eb6e8cb021904ab302df4910874013a305ea10100fae12685d8fc0694d84c553e4f61a194498fd0d5ee2bf6cc5527d
Family | redline |
Botnet | 1 |
C2 | 116.202.19.253:30602 |
Attributes | auth_value da0d7d77d8ec04c55cc5ace3d9113a5c |
Infostealers often target stored browser data, which can include saved credentials.
Looks up Uninstall key entries in the registry to enumerate software on the system.