General
-
Target
NEAS.ef70ab8f38ae5273d5b2ac82060e539923c26c834056879aaa9871c621fc4f60.exe
-
Size
914KB
-
Sample
231111-nmmyssee31
-
MD5
1c49588a1eef8af7ad12c06180412dfb
-
SHA1
0d0782cec044d1b0f48bb88ff7986f2d074c0565
-
SHA256
ef70ab8f38ae5273d5b2ac82060e539923c26c834056879aaa9871c621fc4f60
-
SHA512
ee1617ba5e82abb84467c72a40ed5582a23b3e481b57228a2333c2c73c0289625ed952bc74e34cdde8fef70d0befee5d72c9bff074fca3b9d1837b62fef3148e
-
SSDEEP
12288:SDiB3nOpUqPkvNnz1euPfERZnCO9C5o7Cga4RMqh3hinp+B:cpUqQJUZ59C5o+4Rc4
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.ef70ab8f38ae5273d5b2ac82060e539923c26c834056879aaa9871c621fc4f60.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.ef70ab8f38ae5273d5b2ac82060e539923c26c834056879aaa9871c621fc4f60.exe
Resource
win10v2004-20231023-en
Malware Config
Targets
-
-
Target
NEAS.ef70ab8f38ae5273d5b2ac82060e539923c26c834056879aaa9871c621fc4f60.exe
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-