General
-
Target
4bd455ca12b02eefd27ba9f1e9ae81f35206be2d76e9610d09f46d72eb586984
-
Size
285KB
-
Sample
211126-j5wansbcdr
-
MD5
0f35aa2dc7271aef7bf8072dd1310b00
-
SHA1
5c5b6fc136889ca0437bc70898a8f230dcd96009
-
SHA256
4bd455ca12b02eefd27ba9f1e9ae81f35206be2d76e9610d09f46d72eb586984
-
SHA512
f6621fa5fe87c3d01d45ea1bcb51b99478b0e57887597748590c5816918a440d3bcff07acac961bd3a203f91bdd2d222e9d5d764cb3c0bec19c3ca8563aaae14
Malware Config
Extracted
redline
udptest
193.56.146.64:65441
Targets
-
-
Target
4bd455ca12b02eefd27ba9f1e9ae81f35206be2d76e9610d09f46d72eb586984
-
Size
285KB
-
MD5
0f35aa2dc7271aef7bf8072dd1310b00
-
SHA1
5c5b6fc136889ca0437bc70898a8f230dcd96009
-
SHA256
4bd455ca12b02eefd27ba9f1e9ae81f35206be2d76e9610d09f46d72eb586984
-
SHA512
f6621fa5fe87c3d01d45ea1bcb51b99478b0e57887597748590c5816918a440d3bcff07acac961bd3a203f91bdd2d222e9d5d764cb3c0bec19c3ca8563aaae14
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-