General
-
Target
file.exe
-
Size
303KB
-
Sample
230216-kfvtaagf88
-
MD5
38be316a8a1cc96f755886059673a83d
-
SHA1
4152ba7a4ac695408d14b64f5345e26f4d1586eb
-
SHA256
9c4fd015ee98e884ff12316a00717659c63d0c7aa168870ba99dbf0706903d27
-
SHA512
7b60436499e32ff9ca06e566ef1a187a749d73b41db7b9f5a977c9c4f9ce408db35dfeee194acc4928f19a904139be2912eb67f79b3c26d20748ac3b34951327
-
SSDEEP
6144:+EZLB207UOxo8fGlsNw34VSMEkjSWBIdo6sO85s2:+mt20gOzel1FXWBI+6sp
Malware Config
Targets
-
-
Target
file.exe
-
Size
303KB
-
MD5
38be316a8a1cc96f755886059673a83d
-
SHA1
4152ba7a4ac695408d14b64f5345e26f4d1586eb
-
SHA256
9c4fd015ee98e884ff12316a00717659c63d0c7aa168870ba99dbf0706903d27
-
SHA512
7b60436499e32ff9ca06e566ef1a187a749d73b41db7b9f5a977c9c4f9ce408db35dfeee194acc4928f19a904139be2912eb67f79b3c26d20748ac3b34951327
-
SSDEEP
6144:+EZLB207UOxo8fGlsNw34VSMEkjSWBIdo6sO85s2:+mt20gOzel1FXWBI+6sp
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-