General
-
Target
ae4595ed7e19e26f6399a7a5cd4160907aef371fb1d0af81f5a032ad57681101
-
Size
250KB
-
Sample
210926-mx6yzsefcr
-
MD5
e60b98bccb2229cb5a3273a851fe0f92
-
SHA1
2f78ef77e7abc51c82cde8cdc8763315c82f9cfe
-
SHA256
ae4595ed7e19e26f6399a7a5cd4160907aef371fb1d0af81f5a032ad57681101
-
SHA512
cc88b892686c605baf9040be76d7a1f3586e0bc088b0792a1676ba2c4eabc77314763a673f00187463de81abbcef5db734c1d1fa6c72752085ff43d6353073ce
Malware Config
Extracted
redline
PUB
45.9.20.20:13441
Targets
-
-
Target
ae4595ed7e19e26f6399a7a5cd4160907aef371fb1d0af81f5a032ad57681101
-
Size
250KB
-
MD5
e60b98bccb2229cb5a3273a851fe0f92
-
SHA1
2f78ef77e7abc51c82cde8cdc8763315c82f9cfe
-
SHA256
ae4595ed7e19e26f6399a7a5cd4160907aef371fb1d0af81f5a032ad57681101
-
SHA512
cc88b892686c605baf9040be76d7a1f3586e0bc088b0792a1676ba2c4eabc77314763a673f00187463de81abbcef5db734c1d1fa6c72752085ff43d6353073ce
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-