General
-
Target
d9a253b1cbf22dba374c65adf85d2c0c216dc93e862e57a832a79ea70e2e79f1
-
Size
369KB
-
Sample
211016-hmx6wacegp
-
MD5
7ffb6d417bc7c71cf54c9fa9b563e401
-
SHA1
f4e4bfd01d4536a16b464041f06153f2532ee360
-
SHA256
d9a253b1cbf22dba374c65adf85d2c0c216dc93e862e57a832a79ea70e2e79f1
-
SHA512
396f5bd36f4b8cb295c4c8a471eff0227852e631708b4abd75305c6e908bfbe830596f18dcb68a39e0cfac5c1a7b100be22e099f62495ccb90809769de79f4f7
Malware Config
Extracted
redline
UTS
45.9.20.182:52236
Targets
-
-
Target
d9a253b1cbf22dba374c65adf85d2c0c216dc93e862e57a832a79ea70e2e79f1
-
Size
369KB
-
MD5
7ffb6d417bc7c71cf54c9fa9b563e401
-
SHA1
f4e4bfd01d4536a16b464041f06153f2532ee360
-
SHA256
d9a253b1cbf22dba374c65adf85d2c0c216dc93e862e57a832a79ea70e2e79f1
-
SHA512
396f5bd36f4b8cb295c4c8a471eff0227852e631708b4abd75305c6e908bfbe830596f18dcb68a39e0cfac5c1a7b100be22e099f62495ccb90809769de79f4f7
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-