General
-
Target
1eb2c4a779227792c3b70ee18580ef64dde384445f7eb7732aefb17d41e02fe5
-
Size
250KB
-
Sample
210926-mx5qxsefcq
-
MD5
56b5e2d40e3d65c4d644af75ed5b98fe
-
SHA1
e46482b5ed6ea37845cfe35a2c90cecdf3bf5f56
-
SHA256
1eb2c4a779227792c3b70ee18580ef64dde384445f7eb7732aefb17d41e02fe5
-
SHA512
464f8cf0c268408d8d5469740be53973379fc907f36a849ee72ae2a2461cdde337577ca4c6ea740a7043d1c0375f39a5312ff1ccb8a04e142fe7f60da119c88e
Malware Config
Extracted
redline
UDP
45.9.20.20:13441
Targets
-
-
Target
1eb2c4a779227792c3b70ee18580ef64dde384445f7eb7732aefb17d41e02fe5
-
Size
250KB
-
MD5
56b5e2d40e3d65c4d644af75ed5b98fe
-
SHA1
e46482b5ed6ea37845cfe35a2c90cecdf3bf5f56
-
SHA256
1eb2c4a779227792c3b70ee18580ef64dde384445f7eb7732aefb17d41e02fe5
-
SHA512
464f8cf0c268408d8d5469740be53973379fc907f36a849ee72ae2a2461cdde337577ca4c6ea740a7043d1c0375f39a5312ff1ccb8a04e142fe7f60da119c88e
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-