General
-
Target
03ed67e8ee77ad737d605afb31ff67e20a4c575db65b42bd21f7b32e04cbf406
-
Size
381KB
-
Sample
211019-27e1ksgdf7
-
MD5
dac5b5ce4921f77df3d444d70299b5a6
-
SHA1
98f6aeea6de1c9d33c05f9fe7da39062480dc697
-
SHA256
03ed67e8ee77ad737d605afb31ff67e20a4c575db65b42bd21f7b32e04cbf406
-
SHA512
5961885fda1c7828853379c615e08790fe54e01632a6a44a2a2b896fd726dbfbd1ba11186f2849ddc445c4688c5f17ac22775233977c16d94b1321ca5a49fd47
Malware Config
Extracted
redline
PUB
45.9.20.182:52236
Targets
-
-
Target
03ed67e8ee77ad737d605afb31ff67e20a4c575db65b42bd21f7b32e04cbf406
-
Size
381KB
-
MD5
dac5b5ce4921f77df3d444d70299b5a6
-
SHA1
98f6aeea6de1c9d33c05f9fe7da39062480dc697
-
SHA256
03ed67e8ee77ad737d605afb31ff67e20a4c575db65b42bd21f7b32e04cbf406
-
SHA512
5961885fda1c7828853379c615e08790fe54e01632a6a44a2a2b896fd726dbfbd1ba11186f2849ddc445c4688c5f17ac22775233977c16d94b1321ca5a49fd47
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-