General
-
Target
bfcc61957bf31c636a339d802ac2ec9bf13e4eb3c84913a42ed291878968c440
-
Size
370KB
-
Sample
211015-vfpmdabhdr
-
MD5
f48fc3a740a066ec1dc2045a1b7b9205
-
SHA1
427b614597317fc0c09021e3e0d6acc861195225
-
SHA256
bfcc61957bf31c636a339d802ac2ec9bf13e4eb3c84913a42ed291878968c440
-
SHA512
60796abe825c2186279a88ca91e391daecf5c788f75921078da5a083f956389f117b24d168a16908eb38541b5e41e035aefc3b0cbb45a35106b109123fdd190b
Malware Config
Extracted
redline
PUB
45.9.20.182:52236
Targets
-
-
Target
bfcc61957bf31c636a339d802ac2ec9bf13e4eb3c84913a42ed291878968c440
-
Size
370KB
-
MD5
f48fc3a740a066ec1dc2045a1b7b9205
-
SHA1
427b614597317fc0c09021e3e0d6acc861195225
-
SHA256
bfcc61957bf31c636a339d802ac2ec9bf13e4eb3c84913a42ed291878968c440
-
SHA512
60796abe825c2186279a88ca91e391daecf5c788f75921078da5a083f956389f117b24d168a16908eb38541b5e41e035aefc3b0cbb45a35106b109123fdd190b
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-