General
-
Target
f828cd7d30087f279dceaeaebe6801e636fd1b1a244491377eaf409e197bc0df
-
Size
457KB
-
Sample
220125-v249ysbgfj
-
MD5
96adcf06b0d8cd9af58d4c52d1400f53
-
SHA1
4442f31bf23607cdfb53455f651572d2eba65cf6
-
SHA256
f828cd7d30087f279dceaeaebe6801e636fd1b1a244491377eaf409e197bc0df
-
SHA512
e8fa7c179758b5e0b6db9b160383f95a42b5ba932501c9bcf33f6939521c479db23d1bf45e89c29bf7127883098b3eda614e5e336d7ddd872c19b20fb5c300c2
Malware Config
Extracted
redline
SEWPALPADIN
45.9.20.112:57175
Targets
-
-
Target
f828cd7d30087f279dceaeaebe6801e636fd1b1a244491377eaf409e197bc0df
-
Size
457KB
-
MD5
96adcf06b0d8cd9af58d4c52d1400f53
-
SHA1
4442f31bf23607cdfb53455f651572d2eba65cf6
-
SHA256
f828cd7d30087f279dceaeaebe6801e636fd1b1a244491377eaf409e197bc0df
-
SHA512
e8fa7c179758b5e0b6db9b160383f95a42b5ba932501c9bcf33f6939521c479db23d1bf45e89c29bf7127883098b3eda614e5e336d7ddd872c19b20fb5c300c2
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-