General
-
Target
88311b920d0a9a6f205e820cbc69cd929eabc98039e0ef0a5bda621c8321fcf3
-
Size
369KB
-
Sample
211016-fgfcrsbfh4
-
MD5
8797148eab341734755a0787acea03e5
-
SHA1
c4637a3ffbf2f9fc06967deb19f77aaa7d55c125
-
SHA256
88311b920d0a9a6f205e820cbc69cd929eabc98039e0ef0a5bda621c8321fcf3
-
SHA512
d7eb3625bd58f1aa80b72769d7534e8de2130f5517c0ef8099f9d1572d44fa900da8e87cf7fda749a298e58fe7d3aff6124db24ed78f539b6f80bd276d532675
Malware Config
Extracted
redline
UTS
45.9.20.182:52236
Targets
-
-
Target
88311b920d0a9a6f205e820cbc69cd929eabc98039e0ef0a5bda621c8321fcf3
-
Size
369KB
-
MD5
8797148eab341734755a0787acea03e5
-
SHA1
c4637a3ffbf2f9fc06967deb19f77aaa7d55c125
-
SHA256
88311b920d0a9a6f205e820cbc69cd929eabc98039e0ef0a5bda621c8321fcf3
-
SHA512
d7eb3625bd58f1aa80b72769d7534e8de2130f5517c0ef8099f9d1572d44fa900da8e87cf7fda749a298e58fe7d3aff6124db24ed78f539b6f80bd276d532675
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-