General
-
Target
f8bf864d4036cf506e532ee16d6adce320e3364587ea068d44edb481bcdfd190
-
Size
414KB
-
Sample
211020-13yrfshfd5
-
MD5
7b28732e01956143d39d31c3ca7f0c2b
-
SHA1
ad8167ece542a4eb521ce1140c2fb0f9eb83b65e
-
SHA256
f8bf864d4036cf506e532ee16d6adce320e3364587ea068d44edb481bcdfd190
-
SHA512
930c43fbedd3563b7fd08a3da6906beb6bc92a46808fc60b4f64f3290dfb6beb642ce607317f82615f3fe43971a24d1a8fd209f72a58f8df5b212c2ec7d6ce20
Malware Config
Extracted
redline
UDP
45.9.20.182:52236
Targets
-
-
Target
f8bf864d4036cf506e532ee16d6adce320e3364587ea068d44edb481bcdfd190
-
Size
414KB
-
MD5
7b28732e01956143d39d31c3ca7f0c2b
-
SHA1
ad8167ece542a4eb521ce1140c2fb0f9eb83b65e
-
SHA256
f8bf864d4036cf506e532ee16d6adce320e3364587ea068d44edb481bcdfd190
-
SHA512
930c43fbedd3563b7fd08a3da6906beb6bc92a46808fc60b4f64f3290dfb6beb642ce607317f82615f3fe43971a24d1a8fd209f72a58f8df5b212c2ec7d6ce20
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-