General
-
Target
cbcdcc44f892c5657ff815ebe9836939e897ded85c3f62bd2479c1624622aac0
-
Size
391KB
-
Sample
211015-vh1gnabhej
-
MD5
3002900d5f073dfc61225961ceb2dfdf
-
SHA1
8a121d7a5d3b746ddb196252fe95ac11fefc425f
-
SHA256
cbcdcc44f892c5657ff815ebe9836939e897ded85c3f62bd2479c1624622aac0
-
SHA512
e7ea1ecb8e6ce906c600945f436c92ca2ad3639b1fb06f336aabf01fdb96720a1c09b78a3b4a580396124de3a46132e24e97bc7b4c139f53612146e17b263c77
Malware Config
Extracted
redline
paladin
37.228.129.48:29795
Targets
-
-
Target
cbcdcc44f892c5657ff815ebe9836939e897ded85c3f62bd2479c1624622aac0
-
Size
391KB
-
MD5
3002900d5f073dfc61225961ceb2dfdf
-
SHA1
8a121d7a5d3b746ddb196252fe95ac11fefc425f
-
SHA256
cbcdcc44f892c5657ff815ebe9836939e897ded85c3f62bd2479c1624622aac0
-
SHA512
e7ea1ecb8e6ce906c600945f436c92ca2ad3639b1fb06f336aabf01fdb96720a1c09b78a3b4a580396124de3a46132e24e97bc7b4c139f53612146e17b263c77
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-