General
-
Target
0e659c9b1f62c90232029cce2ce9e5883fcf9b59c84dbbc25f83a8e765b60a7e
-
Size
336KB
-
Sample
211021-bqqgwahga8
-
MD5
13fd071c255816941b174ff92d3a2f07
-
SHA1
e747d65cdef2f14617bef2ae78420e2f2fcf7562
-
SHA256
0e659c9b1f62c90232029cce2ce9e5883fcf9b59c84dbbc25f83a8e765b60a7e
-
SHA512
850c02fc7e3a0002d6e61b5e7046d52944b97126b0ce95f37baee3bd66c7747b3752bd0b91e26b69b30998a010122342d503602a8f9a783d8c0c129c9ec8fb45
Malware Config
Extracted
redline
PUB
45.9.20.182:52236
Targets
-
-
Target
0e659c9b1f62c90232029cce2ce9e5883fcf9b59c84dbbc25f83a8e765b60a7e
-
Size
336KB
-
MD5
13fd071c255816941b174ff92d3a2f07
-
SHA1
e747d65cdef2f14617bef2ae78420e2f2fcf7562
-
SHA256
0e659c9b1f62c90232029cce2ce9e5883fcf9b59c84dbbc25f83a8e765b60a7e
-
SHA512
850c02fc7e3a0002d6e61b5e7046d52944b97126b0ce95f37baee3bd66c7747b3752bd0b91e26b69b30998a010122342d503602a8f9a783d8c0c129c9ec8fb45
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-