General
-
Target
4d4d3914deceb01d0853be2198b2fb9bca49f5c101e4c7a481e70283b813cb87
-
Size
336KB
-
Sample
211021-c6s4daafem
-
MD5
2d7ea9a5654be3ae4ab351ae44e3296c
-
SHA1
5b8d3ddfab10951bf6df8c9bb53ce7295392be7d
-
SHA256
4d4d3914deceb01d0853be2198b2fb9bca49f5c101e4c7a481e70283b813cb87
-
SHA512
0b3ebb2476386326e641945864d01f2bfc0797b8b8fbc671d9b163c48648420f10a0b2a90ac3165c9c327798c2c742415ab0d0f4c9d92b2a897a0aed8bd5d06c
Malware Config
Extracted
redline
PUB
45.9.20.182:52236
Targets
-
-
Target
4d4d3914deceb01d0853be2198b2fb9bca49f5c101e4c7a481e70283b813cb87
-
Size
336KB
-
MD5
2d7ea9a5654be3ae4ab351ae44e3296c
-
SHA1
5b8d3ddfab10951bf6df8c9bb53ce7295392be7d
-
SHA256
4d4d3914deceb01d0853be2198b2fb9bca49f5c101e4c7a481e70283b813cb87
-
SHA512
0b3ebb2476386326e641945864d01f2bfc0797b8b8fbc671d9b163c48648420f10a0b2a90ac3165c9c327798c2c742415ab0d0f4c9d92b2a897a0aed8bd5d06c
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-