General
-
Target
9ff41e6d4a921d52b95c48b7595998c24faff0bc89e53cd2c6b6ba27d866d9bf
-
Size
370KB
-
Sample
210914-ababnseeg2
-
MD5
2e289adef44b0485b1c94ecb5d9b766b
-
SHA1
b898aebbda9e4edb2e5d1cf0649ab614b8b86144
-
SHA256
9ff41e6d4a921d52b95c48b7595998c24faff0bc89e53cd2c6b6ba27d866d9bf
-
SHA512
ad5465badcf7793519192bb8c5a41a906c009f96dbc46f03f074e05b886246dddab522cef19af3e3912f45c627050f42b6d26b5b494083310abc65bc089a8259
Malware Config
Extracted
redline
10fk
185.45.192.203:80
Targets
-
-
Target
9ff41e6d4a921d52b95c48b7595998c24faff0bc89e53cd2c6b6ba27d866d9bf
-
Size
370KB
-
MD5
2e289adef44b0485b1c94ecb5d9b766b
-
SHA1
b898aebbda9e4edb2e5d1cf0649ab614b8b86144
-
SHA256
9ff41e6d4a921d52b95c48b7595998c24faff0bc89e53cd2c6b6ba27d866d9bf
-
SHA512
ad5465badcf7793519192bb8c5a41a906c009f96dbc46f03f074e05b886246dddab522cef19af3e3912f45c627050f42b6d26b5b494083310abc65bc089a8259
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-