General
-
Target
52cb37d91906ed1cd97be339ee5e885bd63989898d5518db5e66f5124a698460
-
Size
423KB
-
Sample
211201-qyc9vacedr
-
MD5
3d93e2c61b25516ee8997b61b2fe63a0
-
SHA1
95aa403192be4f765be06861c1997a59a73bb40f
-
SHA256
52cb37d91906ed1cd97be339ee5e885bd63989898d5518db5e66f5124a698460
-
SHA512
0e9213992e23c87d452a94ef2d7239a4b3301d7a2841dd47774afed7f1a8db6ac886c1de2ae5b7fdd31c8257c65172bfde2be1c8f5a543d8659e2cdc294206d9
Malware Config
Extracted
redline
mix 01.12
95.143.179.152:42556
Targets
-
-
Target
52cb37d91906ed1cd97be339ee5e885bd63989898d5518db5e66f5124a698460
-
Size
423KB
-
MD5
3d93e2c61b25516ee8997b61b2fe63a0
-
SHA1
95aa403192be4f765be06861c1997a59a73bb40f
-
SHA256
52cb37d91906ed1cd97be339ee5e885bd63989898d5518db5e66f5124a698460
-
SHA512
0e9213992e23c87d452a94ef2d7239a4b3301d7a2841dd47774afed7f1a8db6ac886c1de2ae5b7fdd31c8257c65172bfde2be1c8f5a543d8659e2cdc294206d9
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-