General
-
Target
f41cf725f23f5ce9b8d259e12ca5e804c50f8396d8d0ceda25de89db7de214fb
-
Size
371KB
-
Sample
210914-d3ay3ahgdm
-
MD5
043ce848203378716897ac2d3fd7ceb1
-
SHA1
85d66e2081819ad40280e097eea915c4cc4eca58
-
SHA256
f41cf725f23f5ce9b8d259e12ca5e804c50f8396d8d0ceda25de89db7de214fb
-
SHA512
d3d7186d73c1afc7ecc23d8e82b2d48d1a51b8cb481e4e807e3c18d140488183e5d4f6df4fccadd798235582205bf161f93ab5a9319c2ba42565d327ece21a16
Malware Config
Extracted
redline
10fk
185.45.192.203:80
Targets
-
-
Target
f41cf725f23f5ce9b8d259e12ca5e804c50f8396d8d0ceda25de89db7de214fb
-
Size
371KB
-
MD5
043ce848203378716897ac2d3fd7ceb1
-
SHA1
85d66e2081819ad40280e097eea915c4cc4eca58
-
SHA256
f41cf725f23f5ce9b8d259e12ca5e804c50f8396d8d0ceda25de89db7de214fb
-
SHA512
d3d7186d73c1afc7ecc23d8e82b2d48d1a51b8cb481e4e807e3c18d140488183e5d4f6df4fccadd798235582205bf161f93ab5a9319c2ba42565d327ece21a16
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-