General
-
Target
8732a2f9490378138d70b6e882559ed294e99a7e59fed755b8d069db2bbc9903
-
Size
284KB
-
Sample
211124-2h8atsdgel
-
MD5
50b35fe5ef0f8aa23630dddcd837372e
-
SHA1
d8a0e2509fd5653089d6502d64a0e11eda818448
-
SHA256
8732a2f9490378138d70b6e882559ed294e99a7e59fed755b8d069db2bbc9903
-
SHA512
6b2c6a6d4acf943561d39b761aa03f67eaf5fe409918cf7e4d3466fa15bd1a8f5329e97bd202d9e89d5f0cce261c317e9491f3425b6dd0d7f3fd73cfdc7a8cc1
Malware Config
Extracted
redline
Pubdate
193.56.146.64:65441
Targets
-
-
Target
8732a2f9490378138d70b6e882559ed294e99a7e59fed755b8d069db2bbc9903
-
Size
284KB
-
MD5
50b35fe5ef0f8aa23630dddcd837372e
-
SHA1
d8a0e2509fd5653089d6502d64a0e11eda818448
-
SHA256
8732a2f9490378138d70b6e882559ed294e99a7e59fed755b8d069db2bbc9903
-
SHA512
6b2c6a6d4acf943561d39b761aa03f67eaf5fe409918cf7e4d3466fa15bd1a8f5329e97bd202d9e89d5f0cce261c317e9491f3425b6dd0d7f3fd73cfdc7a8cc1
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-