General
-
Target
bd620bb07d9ca3cc5e7e6ccc288cee8772b36dceac3dc73afefdbc554656f218
-
Size
337KB
-
Sample
211019-2ez52shchn
-
MD5
d65d1c59b9c5c5052fd7e0320437e984
-
SHA1
a8dcc1059e8d563c7efeb81308d6466257340013
-
SHA256
bd620bb07d9ca3cc5e7e6ccc288cee8772b36dceac3dc73afefdbc554656f218
-
SHA512
6da24f617f510008d26aeceab26a7d47d34693dfb8c471430463ddfb72b80b0a495ef99dc5a91b6f5ef9ef62fcefe649e4d9caad8b8a54af78ee0d68d0720c02
Malware Config
Extracted
redline
PUB
45.9.20.182:52236
Targets
-
-
Target
bd620bb07d9ca3cc5e7e6ccc288cee8772b36dceac3dc73afefdbc554656f218
-
Size
337KB
-
MD5
d65d1c59b9c5c5052fd7e0320437e984
-
SHA1
a8dcc1059e8d563c7efeb81308d6466257340013
-
SHA256
bd620bb07d9ca3cc5e7e6ccc288cee8772b36dceac3dc73afefdbc554656f218
-
SHA512
6da24f617f510008d26aeceab26a7d47d34693dfb8c471430463ddfb72b80b0a495ef99dc5a91b6f5ef9ef62fcefe649e4d9caad8b8a54af78ee0d68d0720c02
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-