General
-
Target
bece7c25ad4c5b987ca726398c55b1ca9ac0e720bc99319b027de15744d86104
-
Size
405KB
-
Sample
211125-pw3w2saef5
-
MD5
d6584fc388912bedf706b986d3c7e03b
-
SHA1
87e4f586c6f626c266a62686a0e920c746dfe59d
-
SHA256
bece7c25ad4c5b987ca726398c55b1ca9ac0e720bc99319b027de15744d86104
-
SHA512
86b0fd7c2773df1bcb1f03167336a8092168c54263f095874429dda760c57203ba65debfe900e2ea3ea172835e7e6d4d0423f5fe5cb9e418faf33a134d0366c2
Malware Config
Extracted
redline
Pubdate
193.56.146.64:65441
Targets
-
-
Target
bece7c25ad4c5b987ca726398c55b1ca9ac0e720bc99319b027de15744d86104
-
Size
405KB
-
MD5
d6584fc388912bedf706b986d3c7e03b
-
SHA1
87e4f586c6f626c266a62686a0e920c746dfe59d
-
SHA256
bece7c25ad4c5b987ca726398c55b1ca9ac0e720bc99319b027de15744d86104
-
SHA512
86b0fd7c2773df1bcb1f03167336a8092168c54263f095874429dda760c57203ba65debfe900e2ea3ea172835e7e6d4d0423f5fe5cb9e418faf33a134d0366c2
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-