General
-
Target
f7fabee53745445f7f6cdac42c1101d81612950b7a80968ba0a3d3701745ddec
-
Size
374KB
-
Sample
210914-wmax8sbbaj
-
MD5
0312f2191f93ea4da9ee69d7a5a3026b
-
SHA1
01c7e7f501bb567448fdc678072b7bb21b9c9dc2
-
SHA256
f7fabee53745445f7f6cdac42c1101d81612950b7a80968ba0a3d3701745ddec
-
SHA512
66e884b0de561b52b92fca0af9edfcc533d562b2d3603b8b7e3b19fe2aad8d18858bb76942eab2816d2e24fd2e8228933ed800a97b307a6f7a007c15660684ad
Malware Config
Extracted
redline
10fk
185.45.192.203:80
Targets
-
-
Target
f7fabee53745445f7f6cdac42c1101d81612950b7a80968ba0a3d3701745ddec
-
Size
374KB
-
MD5
0312f2191f93ea4da9ee69d7a5a3026b
-
SHA1
01c7e7f501bb567448fdc678072b7bb21b9c9dc2
-
SHA256
f7fabee53745445f7f6cdac42c1101d81612950b7a80968ba0a3d3701745ddec
-
SHA512
66e884b0de561b52b92fca0af9edfcc533d562b2d3603b8b7e3b19fe2aad8d18858bb76942eab2816d2e24fd2e8228933ed800a97b307a6f7a007c15660684ad
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-