General
-
Target
7f0db3f695c71946cd5ca26c0cd8d73105a3d4f441c30cba59c1d2c121314304
-
Size
425KB
-
Sample
211127-pdh4xsadhr
-
MD5
4620a55850417bca733a61f811b8c0ff
-
SHA1
c3dbf5522c91ef397a2afe8f211baefc802974f9
-
SHA256
7f0db3f695c71946cd5ca26c0cd8d73105a3d4f441c30cba59c1d2c121314304
-
SHA512
e222502ffa8f7d0328ceb30754fbfe1791d71aed37f614176973aa43b41c4ca97ae0b440ea77cacf1db8a16ffef0717b389562c88e34a030830428869dee1791
Malware Config
Extracted
redline
udptest
193.56.146.64:65441
Targets
-
-
Target
7f0db3f695c71946cd5ca26c0cd8d73105a3d4f441c30cba59c1d2c121314304
-
Size
425KB
-
MD5
4620a55850417bca733a61f811b8c0ff
-
SHA1
c3dbf5522c91ef397a2afe8f211baefc802974f9
-
SHA256
7f0db3f695c71946cd5ca26c0cd8d73105a3d4f441c30cba59c1d2c121314304
-
SHA512
e222502ffa8f7d0328ceb30754fbfe1791d71aed37f614176973aa43b41c4ca97ae0b440ea77cacf1db8a16ffef0717b389562c88e34a030830428869dee1791
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-