General
-
Target
6e5543ff9e3a55856f2d52424cb614676d710df6c789fd6e8b53b446580b1ee5
-
Size
369KB
-
Sample
211015-1p1c5abee8
-
MD5
87d26786f052a76252fa0acaa0cb0b6e
-
SHA1
9592d3c91c126834346786d26fb09e1663690639
-
SHA256
6e5543ff9e3a55856f2d52424cb614676d710df6c789fd6e8b53b446580b1ee5
-
SHA512
56324886f5acfc49b5a08ee6c02640ca11d8164e715ca45e283c270703dcdfc7c8f2a0d86af6bfc5a520a5f8273c58c1c89340b25cd60eed8fd5dec147f76f9c
Malware Config
Extracted
redline
UDP
45.9.20.182:52236
Targets
-
-
Target
6e5543ff9e3a55856f2d52424cb614676d710df6c789fd6e8b53b446580b1ee5
-
Size
369KB
-
MD5
87d26786f052a76252fa0acaa0cb0b6e
-
SHA1
9592d3c91c126834346786d26fb09e1663690639
-
SHA256
6e5543ff9e3a55856f2d52424cb614676d710df6c789fd6e8b53b446580b1ee5
-
SHA512
56324886f5acfc49b5a08ee6c02640ca11d8164e715ca45e283c270703dcdfc7c8f2a0d86af6bfc5a520a5f8273c58c1c89340b25cd60eed8fd5dec147f76f9c
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-