General
-
Target
e19184e5df9e8e5ed532612d42a221a4ebfeafd4d9b357660befddd2f0b8707b
-
Size
386KB
-
Sample
211015-qvecqsbfhj
-
MD5
285c46c5ae76cb263286011e6c721724
-
SHA1
9ea2df1638124141781d24b9c317a3926af126e4
-
SHA256
e19184e5df9e8e5ed532612d42a221a4ebfeafd4d9b357660befddd2f0b8707b
-
SHA512
588793058b15fb872212af86c028073543ee240784f8a84a5358e16e191c0a4e91fa68498e797eae4922940a6cf7677367c01c25b8f46d1c3005682a102972f1
Malware Config
Extracted
redline
paladin
37.228.129.48:29795
Targets
-
-
Target
e19184e5df9e8e5ed532612d42a221a4ebfeafd4d9b357660befddd2f0b8707b
-
Size
386KB
-
MD5
285c46c5ae76cb263286011e6c721724
-
SHA1
9ea2df1638124141781d24b9c317a3926af126e4
-
SHA256
e19184e5df9e8e5ed532612d42a221a4ebfeafd4d9b357660befddd2f0b8707b
-
SHA512
588793058b15fb872212af86c028073543ee240784f8a84a5358e16e191c0a4e91fa68498e797eae4922940a6cf7677367c01c25b8f46d1c3005682a102972f1
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-