General
-
Target
b75d7fc182fa79b840c9190d0367e1b6d2fbf8b0c9d75248edaf5bb792ec3b82
-
Size
296KB
-
Sample
211126-tl9n3agfc9
-
MD5
89fb209c0f807ec20d803b904570b73d
-
SHA1
740842678768d4eec618b72b680e13cc9956cd97
-
SHA256
b75d7fc182fa79b840c9190d0367e1b6d2fbf8b0c9d75248edaf5bb792ec3b82
-
SHA512
21904d468ea319c9cc4bec80cd5ed987e4dd7ab42997f0439b44a5081336176c78357de99f0f939ff584fcdd2d33fe0b0e2543b018da31e1cc093d93186a0f5e
Malware Config
Extracted
redline
Pubdate
193.56.146.64:65441
Targets
-
-
Target
b75d7fc182fa79b840c9190d0367e1b6d2fbf8b0c9d75248edaf5bb792ec3b82
-
Size
296KB
-
MD5
89fb209c0f807ec20d803b904570b73d
-
SHA1
740842678768d4eec618b72b680e13cc9956cd97
-
SHA256
b75d7fc182fa79b840c9190d0367e1b6d2fbf8b0c9d75248edaf5bb792ec3b82
-
SHA512
21904d468ea319c9cc4bec80cd5ed987e4dd7ab42997f0439b44a5081336176c78357de99f0f939ff584fcdd2d33fe0b0e2543b018da31e1cc093d93186a0f5e
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-