General
-
Target
be90682301b430d616d86948e529a26d68d44aec0a58a557466d752f469f2bc3
-
Size
285KB
-
Sample
211126-ge44sadhh3
-
MD5
f397b33c6ca680b2353c7efe235cafd6
-
SHA1
b53ae0353802da37a251ed6550f9d9b5c63f9109
-
SHA256
be90682301b430d616d86948e529a26d68d44aec0a58a557466d752f469f2bc3
-
SHA512
2bdd6f793786332c45571d8ea1f5795412b4926349f74808da45bb5e332b40c7c6c0923a533398542e4a6f01afc7312434bcabe72055c0cc0481f32e1236c5da
Malware Config
Extracted
redline
Updbdate
193.56.146.64:65441
Targets
-
-
Target
be90682301b430d616d86948e529a26d68d44aec0a58a557466d752f469f2bc3
-
Size
285KB
-
MD5
f397b33c6ca680b2353c7efe235cafd6
-
SHA1
b53ae0353802da37a251ed6550f9d9b5c63f9109
-
SHA256
be90682301b430d616d86948e529a26d68d44aec0a58a557466d752f469f2bc3
-
SHA512
2bdd6f793786332c45571d8ea1f5795412b4926349f74808da45bb5e332b40c7c6c0923a533398542e4a6f01afc7312434bcabe72055c0cc0481f32e1236c5da
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-