General
-
Target
6b4bccee1e0994376b5042342f96f08050b78f5f2536106ac5973acf83fe8a4b
-
Size
337KB
-
Sample
211021-ekt5naafhj
-
MD5
c5d0654eedf0386fb60d83c6ef3ccfd4
-
SHA1
8859fc021f6173270e160e16d98e91c9d5f6e335
-
SHA256
6b4bccee1e0994376b5042342f96f08050b78f5f2536106ac5973acf83fe8a4b
-
SHA512
f1e61fdb7b42ed7c47abd461de9533601d889e97434149ce93640b87474b45b111a3591c54bb7614187d7bef9222e08b8a134969fc6f75ac8baaafee8c8c4be3
Malware Config
Extracted
redline
PUB
45.9.20.182:52236
Targets
-
-
Target
6b4bccee1e0994376b5042342f96f08050b78f5f2536106ac5973acf83fe8a4b
-
Size
337KB
-
MD5
c5d0654eedf0386fb60d83c6ef3ccfd4
-
SHA1
8859fc021f6173270e160e16d98e91c9d5f6e335
-
SHA256
6b4bccee1e0994376b5042342f96f08050b78f5f2536106ac5973acf83fe8a4b
-
SHA512
f1e61fdb7b42ed7c47abd461de9533601d889e97434149ce93640b87474b45b111a3591c54bb7614187d7bef9222e08b8a134969fc6f75ac8baaafee8c8c4be3
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-