General
-
Target
15e0660160336a90b540405ad7ae6b7e5d0997d240570d4aeaf4efb2e9f613c6
-
Size
370KB
-
Sample
210914-p9sy1aagbl
-
MD5
f954d1e48e06599715e2d91bd6d161c5
-
SHA1
b6480aad8216adc90aec9c3ae69a2fc9b1177a7a
-
SHA256
15e0660160336a90b540405ad7ae6b7e5d0997d240570d4aeaf4efb2e9f613c6
-
SHA512
6fc939b213c2c0a7a7c9a9f3fbafc04c12330d644064329c4d1e17e87840eca071a961ed739a34c7593343ec27492eba70fd9370254a6b169045fbba2a02ae9f
Malware Config
Extracted
redline
10fk
185.45.192.203:80
Targets
-
-
Target
15e0660160336a90b540405ad7ae6b7e5d0997d240570d4aeaf4efb2e9f613c6
-
Size
370KB
-
MD5
f954d1e48e06599715e2d91bd6d161c5
-
SHA1
b6480aad8216adc90aec9c3ae69a2fc9b1177a7a
-
SHA256
15e0660160336a90b540405ad7ae6b7e5d0997d240570d4aeaf4efb2e9f613c6
-
SHA512
6fc939b213c2c0a7a7c9a9f3fbafc04c12330d644064329c4d1e17e87840eca071a961ed739a34c7593343ec27492eba70fd9370254a6b169045fbba2a02ae9f
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-