General
-
Target
e70adf0ad0513d3052baf2d07005c6bd17ef4e975fffc7afa2dca2c14df306c2
-
Size
390KB
-
Sample
211016-chwvcscdfq
-
MD5
9dbc1fe74aa8b7eed8dd6ada27834ee2
-
SHA1
c3dccb32387f35f63205e849b3139a9a1ae37b92
-
SHA256
e70adf0ad0513d3052baf2d07005c6bd17ef4e975fffc7afa2dca2c14df306c2
-
SHA512
a1618101109792b395e3305fbdb9de6e78e748075d4f6e7936f18c0635024948e06779ec611863a4f0acc27116f800df24f0153efe01836c2c0915f2726e532c
Malware Config
Extracted
redline
paladin
37.228.129.48:29795
Targets
-
-
Target
e70adf0ad0513d3052baf2d07005c6bd17ef4e975fffc7afa2dca2c14df306c2
-
Size
390KB
-
MD5
9dbc1fe74aa8b7eed8dd6ada27834ee2
-
SHA1
c3dccb32387f35f63205e849b3139a9a1ae37b92
-
SHA256
e70adf0ad0513d3052baf2d07005c6bd17ef4e975fffc7afa2dca2c14df306c2
-
SHA512
a1618101109792b395e3305fbdb9de6e78e748075d4f6e7936f18c0635024948e06779ec611863a4f0acc27116f800df24f0153efe01836c2c0915f2726e532c
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-