General
-
Target
d31545fc93b660bdfcd83ccf1cd5543b865021da5107e3a758b12f2196d9183a
-
Size
347KB
-
Sample
220515-ttl8qshecj
-
MD5
0ac4fd484b5bda7667a6523dda0ebaa9
-
SHA1
90c99d6fec6bbc6f4b65b4204c58c9a995dda5db
-
SHA256
d31545fc93b660bdfcd83ccf1cd5543b865021da5107e3a758b12f2196d9183a
-
SHA512
08ae61b86c6efc76e542bb26a8fc2bde770644f2172be28673e35d67974a5e116e4ef73f868507f0d5c98f10d542850435466b324def3edd6c1beaa2612d39ad
Malware Config
Extracted
redline
51
193.106.191.182:23196
-
auth_value
21351f5b8358ade7446b0c10ec81735e
Targets
-
-
Target
d31545fc93b660bdfcd83ccf1cd5543b865021da5107e3a758b12f2196d9183a
-
Size
347KB
-
MD5
0ac4fd484b5bda7667a6523dda0ebaa9
-
SHA1
90c99d6fec6bbc6f4b65b4204c58c9a995dda5db
-
SHA256
d31545fc93b660bdfcd83ccf1cd5543b865021da5107e3a758b12f2196d9183a
-
SHA512
08ae61b86c6efc76e542bb26a8fc2bde770644f2172be28673e35d67974a5e116e4ef73f868507f0d5c98f10d542850435466b324def3edd6c1beaa2612d39ad
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-