General
-
Target
f57adc89e30b24944ee977257566ca6ca2f3ab4e88408acef9c695796df986b9
-
Size
337KB
-
Sample
211021-fa11wshgh2
-
MD5
532c3b895825e8ba3e16c7f989a107c1
-
SHA1
86f4703514372adb592f4fe17e360e552ce36ac1
-
SHA256
f57adc89e30b24944ee977257566ca6ca2f3ab4e88408acef9c695796df986b9
-
SHA512
1bb2f34d7e3f76eb9d0039c1ca892f902d8855fb5dd0f44da611c6e4f80c3351f6fdb083988b7b16b94595bbfc71cf00e5625d870336fe4b04aac5c4d7674420
Malware Config
Extracted
redline
PUB
45.9.20.182:52236
Targets
-
-
Target
f57adc89e30b24944ee977257566ca6ca2f3ab4e88408acef9c695796df986b9
-
Size
337KB
-
MD5
532c3b895825e8ba3e16c7f989a107c1
-
SHA1
86f4703514372adb592f4fe17e360e552ce36ac1
-
SHA256
f57adc89e30b24944ee977257566ca6ca2f3ab4e88408acef9c695796df986b9
-
SHA512
1bb2f34d7e3f76eb9d0039c1ca892f902d8855fb5dd0f44da611c6e4f80c3351f6fdb083988b7b16b94595bbfc71cf00e5625d870336fe4b04aac5c4d7674420
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-