General
-
Target
2a4cdac2d12f25b9bc490b5a33ada1c3ecd392f430a01e9ff0ea6599206327dc
-
Size
336KB
-
Sample
211020-2zf8nsaefj
-
MD5
e329c39258b42852540150cbdc9231fa
-
SHA1
73830930f774da9ca6e239afb7b45acbfe12cb37
-
SHA256
2a4cdac2d12f25b9bc490b5a33ada1c3ecd392f430a01e9ff0ea6599206327dc
-
SHA512
6c6bd62d64d366393c1e4cf33b9f0794e9f077b15305f2f770fe26218232980f29f157939b811e12e39647e4ea009305d64b6f39bc7fc5d61de338fb5387130b
Malware Config
Extracted
redline
UTS
45.9.20.182:52236
Targets
-
-
Target
2a4cdac2d12f25b9bc490b5a33ada1c3ecd392f430a01e9ff0ea6599206327dc
-
Size
336KB
-
MD5
e329c39258b42852540150cbdc9231fa
-
SHA1
73830930f774da9ca6e239afb7b45acbfe12cb37
-
SHA256
2a4cdac2d12f25b9bc490b5a33ada1c3ecd392f430a01e9ff0ea6599206327dc
-
SHA512
6c6bd62d64d366393c1e4cf33b9f0794e9f077b15305f2f770fe26218232980f29f157939b811e12e39647e4ea009305d64b6f39bc7fc5d61de338fb5387130b
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-