General
-
Target
e887a0ceda5697453f18397c1ed47c8681d01984174f02e082c766fbb8e148df
-
Size
285KB
-
Sample
211126-e5e68sadfm
-
MD5
abc02ffdd506c4ceeceb49d9447af461
-
SHA1
e3b2bfaec666a08a8ac7b662d84719a075cb6705
-
SHA256
e887a0ceda5697453f18397c1ed47c8681d01984174f02e082c766fbb8e148df
-
SHA512
9db71156c3d1d4ea82880916333337a40d0d2fd6858404a154e7f349dab696a6ab317dc47d41261d883abf251b5b9fdd507f0f37c3606417e19637ead71d849e
Malware Config
Extracted
redline
Pubdate
193.56.146.64:65441
Targets
-
-
Target
e887a0ceda5697453f18397c1ed47c8681d01984174f02e082c766fbb8e148df
-
Size
285KB
-
MD5
abc02ffdd506c4ceeceb49d9447af461
-
SHA1
e3b2bfaec666a08a8ac7b662d84719a075cb6705
-
SHA256
e887a0ceda5697453f18397c1ed47c8681d01984174f02e082c766fbb8e148df
-
SHA512
9db71156c3d1d4ea82880916333337a40d0d2fd6858404a154e7f349dab696a6ab317dc47d41261d883abf251b5b9fdd507f0f37c3606417e19637ead71d849e
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-