General
-
Target
b931b24b7bc7777ff8feee13f303499f3efa712bce7dcf1e914ff2d97568df2c
-
Size
284KB
-
Sample
211126-mmdvfsbghr
-
MD5
ac94b2b032ef7463049f3626d5676b9a
-
SHA1
490f0ebf47f4518c8394e698c65d5d7832a87bbd
-
SHA256
b931b24b7bc7777ff8feee13f303499f3efa712bce7dcf1e914ff2d97568df2c
-
SHA512
dbf2fa3f6270e21d9ff00520c0ab740ddbcda6341b79766900855c91afb534dc05df9b017c508ded7fe6c5a2d4ff6557678da8f927a47fd2b65e14016f801ce8
Malware Config
Extracted
redline
udptest
193.56.146.64:65441
Targets
-
-
Target
b931b24b7bc7777ff8feee13f303499f3efa712bce7dcf1e914ff2d97568df2c
-
Size
284KB
-
MD5
ac94b2b032ef7463049f3626d5676b9a
-
SHA1
490f0ebf47f4518c8394e698c65d5d7832a87bbd
-
SHA256
b931b24b7bc7777ff8feee13f303499f3efa712bce7dcf1e914ff2d97568df2c
-
SHA512
dbf2fa3f6270e21d9ff00520c0ab740ddbcda6341b79766900855c91afb534dc05df9b017c508ded7fe6c5a2d4ff6557678da8f927a47fd2b65e14016f801ce8
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-