General
-
Target
winPEASx64.exe
-
Size
2.3MB
-
Sample
240723-c8wx2stdrk
-
MD5
c8571c7b6618bc375e8f44f620087ecf
-
SHA1
80f6d4fc3490db93ce159e4316f722946b16d4af
-
SHA256
601d45d6171a926d6b78ea4c609858269ec357dc8d52eb05fccba2b81c160110
-
SHA512
0e401349940807a9c01cddb08ba81ea76583b327402f7436e39e14199dd2955d0471d3e30a9af096d0d1357101b4b42eb59f1b7ccd184ea7e28aabafd721bc5a
-
SSDEEP
24576:GmhVNthfzNX8l29eZCqfPqvx0uNKkThXHL5gjbG5:ZVRRX8s9eZPXu4kBHL5gX
Malware Config
Targets
-
-
Target
winPEASx64.exe
-
Size
2.3MB
-
MD5
c8571c7b6618bc375e8f44f620087ecf
-
SHA1
80f6d4fc3490db93ce159e4316f722946b16d4af
-
SHA256
601d45d6171a926d6b78ea4c609858269ec357dc8d52eb05fccba2b81c160110
-
SHA512
0e401349940807a9c01cddb08ba81ea76583b327402f7436e39e14199dd2955d0471d3e30a9af096d0d1357101b4b42eb59f1b7ccd184ea7e28aabafd721bc5a
-
SSDEEP
24576:GmhVNthfzNX8l29eZCqfPqvx0uNKkThXHL5gjbG5:ZVRRX8s9eZPXu4kBHL5gX
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-