General
-
Target
dc5f75ecc5957d7ddb28bbe2ce9c6c23.exe
-
Size
366KB
-
Sample
220412-n4kvrsbcer
-
MD5
dc5f75ecc5957d7ddb28bbe2ce9c6c23
-
SHA1
96ee5a0c5ef0dfbb92e3effb2e9def6969bfb582
-
SHA256
030031967edc4442758b080c291fa29e2220d299194173c0a7dd484609f0ad15
-
SHA512
bfa7f6541aceaf33d13a505e91ea3a93ad3436eb906538652334d4566fd23b5257cee789096e3c78b630a6c55503867def06424ed8e614c74a0d566738ba80a5
Malware Config
Extracted
redline
50
193.106.191.153:23196
-
auth_value
8735fcb130c82dd9d353478678d60bde
Targets
-
-
Target
dc5f75ecc5957d7ddb28bbe2ce9c6c23.exe
-
Size
366KB
-
MD5
dc5f75ecc5957d7ddb28bbe2ce9c6c23
-
SHA1
96ee5a0c5ef0dfbb92e3effb2e9def6969bfb582
-
SHA256
030031967edc4442758b080c291fa29e2220d299194173c0a7dd484609f0ad15
-
SHA512
bfa7f6541aceaf33d13a505e91ea3a93ad3436eb906538652334d4566fd23b5257cee789096e3c78b630a6c55503867def06424ed8e614c74a0d566738ba80a5
Score10/10-
Meta Stealer Stealer
Meta Stealer steals passwords stored in browsers, written in C++.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-