General
-
Target
fc6e4737e37a87e1ad82d2d1d14feeb75eab7a20cac2e234829970dc5a5779ae
-
Size
405KB
-
Sample
211125-bmewzahce5
-
MD5
b40fb6869e8e793afbd6ede5377ca1f2
-
SHA1
c7e60d999c66770bdd836e5a45e90cf2703a2d95
-
SHA256
fc6e4737e37a87e1ad82d2d1d14feeb75eab7a20cac2e234829970dc5a5779ae
-
SHA512
aba82ba2abf793d4ed2f6ca43e2d9310b5d9b7ce18b3b3a23dac477450b22d98a414a7508be0364d755a3bc5a170030287e6e57dce4ce31e5c0892f3a306bd21
Malware Config
Extracted
redline
Pubdate
193.56.146.64:65441
Targets
-
-
Target
fc6e4737e37a87e1ad82d2d1d14feeb75eab7a20cac2e234829970dc5a5779ae
-
Size
405KB
-
MD5
b40fb6869e8e793afbd6ede5377ca1f2
-
SHA1
c7e60d999c66770bdd836e5a45e90cf2703a2d95
-
SHA256
fc6e4737e37a87e1ad82d2d1d14feeb75eab7a20cac2e234829970dc5a5779ae
-
SHA512
aba82ba2abf793d4ed2f6ca43e2d9310b5d9b7ce18b3b3a23dac477450b22d98a414a7508be0364d755a3bc5a170030287e6e57dce4ce31e5c0892f3a306bd21
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-