General
-
Target
db3f4e9fa82d8c3732fdc4cb261e72b2ca4e2b2c391040272b5d368498e54a89
-
Size
285KB
-
Sample
211126-feptesaeap
-
MD5
0ca061d6027ba73ac6c4f56ed09e1f7f
-
SHA1
ab89e58c55fe3eac55aa471ad4180d1084f33a7b
-
SHA256
db3f4e9fa82d8c3732fdc4cb261e72b2ca4e2b2c391040272b5d368498e54a89
-
SHA512
9921b1ed8cc86cd5fb705d4824c3f4aab605610fdcc58ba8142543e0bf14d4c737d29d0ac6b73dfc921b412b498dd3d789e9a98c83789f0d7bd25255957be959
Malware Config
Extracted
redline
Updbdate
193.56.146.64:65441
Targets
-
-
Target
db3f4e9fa82d8c3732fdc4cb261e72b2ca4e2b2c391040272b5d368498e54a89
-
Size
285KB
-
MD5
0ca061d6027ba73ac6c4f56ed09e1f7f
-
SHA1
ab89e58c55fe3eac55aa471ad4180d1084f33a7b
-
SHA256
db3f4e9fa82d8c3732fdc4cb261e72b2ca4e2b2c391040272b5d368498e54a89
-
SHA512
9921b1ed8cc86cd5fb705d4824c3f4aab605610fdcc58ba8142543e0bf14d4c737d29d0ac6b73dfc921b412b498dd3d789e9a98c83789f0d7bd25255957be959
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-