General
-
Target
7cbdb5778dc7c2c9377eb8a03e6063d966e90d442ad0e8b65eaa33f5e8d54a9c
-
Size
405KB
-
Sample
211125-vcrbssbbg2
-
MD5
826fce77343a479518b652f51f06d884
-
SHA1
a3ace9b820802826b80c71bf9a6cef234f18a555
-
SHA256
7cbdb5778dc7c2c9377eb8a03e6063d966e90d442ad0e8b65eaa33f5e8d54a9c
-
SHA512
8cd3fbc1b015b0b504cc6dda0f98c7de8994ccdad3566d9ae14fa78795bdb6f97cf882609cc445a14ab0b5daceeb3844ef9fc3eeaab75bfff154402dc99e4870
Malware Config
Extracted
redline
RUZKI
185.215.113.29:26828
Targets
-
-
Target
7cbdb5778dc7c2c9377eb8a03e6063d966e90d442ad0e8b65eaa33f5e8d54a9c
-
Size
405KB
-
MD5
826fce77343a479518b652f51f06d884
-
SHA1
a3ace9b820802826b80c71bf9a6cef234f18a555
-
SHA256
7cbdb5778dc7c2c9377eb8a03e6063d966e90d442ad0e8b65eaa33f5e8d54a9c
-
SHA512
8cd3fbc1b015b0b504cc6dda0f98c7de8994ccdad3566d9ae14fa78795bdb6f97cf882609cc445a14ab0b5daceeb3844ef9fc3eeaab75bfff154402dc99e4870
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-