General
-
Target
40073a62aad20fcaf8226d3ed7b7dd98.exe
-
Size
367KB
-
Sample
220412-s5b2gadbel
-
MD5
40073a62aad20fcaf8226d3ed7b7dd98
-
SHA1
c50ea827a4e6695594580a562cfd8fd31630de90
-
SHA256
bf443e407476f3c013f106bb2ffc7540dac5dc5badd162b9574f13fa500604ce
-
SHA512
6f98ea608485b6cde18b1b16d0ef7820f0f5d27d70e5b68ba170675a5f5f6c8e10098caf1799c8e3d54be01e02c8536981c322025b79118d6b0b7fee9935adb7
Malware Config
Extracted
redline
50
193.106.191.153:23196
-
auth_value
8735fcb130c82dd9d353478678d60bde
Targets
-
-
Target
40073a62aad20fcaf8226d3ed7b7dd98.exe
-
Size
367KB
-
MD5
40073a62aad20fcaf8226d3ed7b7dd98
-
SHA1
c50ea827a4e6695594580a562cfd8fd31630de90
-
SHA256
bf443e407476f3c013f106bb2ffc7540dac5dc5badd162b9574f13fa500604ce
-
SHA512
6f98ea608485b6cde18b1b16d0ef7820f0f5d27d70e5b68ba170675a5f5f6c8e10098caf1799c8e3d54be01e02c8536981c322025b79118d6b0b7fee9935adb7
Score10/10-
Meta Stealer Stealer
Meta Stealer steals passwords stored in browsers, written in C++.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-