General
-
Target
a965a5bbdb788a4ca9143ea0fa4d3fd7f4ab1af29fb5f64c64be78ddd031d33d
-
Size
424KB
-
Sample
211127-lnyqkshhek
-
MD5
3058520c16d2db5f3e602e2676acf341
-
SHA1
6cfc45eab31762b366efd9c81b100f637f251b57
-
SHA256
a965a5bbdb788a4ca9143ea0fa4d3fd7f4ab1af29fb5f64c64be78ddd031d33d
-
SHA512
5359a43cfe2844b46d1b18b988a80b1d07306bf26110b38644d6cf177f261275068ae85cd303bd07c2673cd874795b6daf0ed5dc162b6a5639f0e2857d8bcc7c
Malware Config
Extracted
redline
Pubdate
193.56.146.64:65441
Targets
-
-
Target
a965a5bbdb788a4ca9143ea0fa4d3fd7f4ab1af29fb5f64c64be78ddd031d33d
-
Size
424KB
-
MD5
3058520c16d2db5f3e602e2676acf341
-
SHA1
6cfc45eab31762b366efd9c81b100f637f251b57
-
SHA256
a965a5bbdb788a4ca9143ea0fa4d3fd7f4ab1af29fb5f64c64be78ddd031d33d
-
SHA512
5359a43cfe2844b46d1b18b988a80b1d07306bf26110b38644d6cf177f261275068ae85cd303bd07c2673cd874795b6daf0ed5dc162b6a5639f0e2857d8bcc7c
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-