General
-
Target
cdebae8237136909b5d7a96be8c90a22572eba86aafb7f64b133505cb5a2c94e
-
Size
347KB
-
Sample
220515-tvcexshecl
-
MD5
7384c435a7e02e144d94dbcc8316bbbf
-
SHA1
6d94240fc9f90d6e08188e50eb501c13516a0c10
-
SHA256
cdebae8237136909b5d7a96be8c90a22572eba86aafb7f64b133505cb5a2c94e
-
SHA512
8b78f08049bb09411aaa1937c7f9ad27334306eae57955a7bdb4be2ec797232ee0dbe0627efcfdf2d1c568260f73e4f22878e514e550eb2d0fccf615a9e22142
Malware Config
Extracted
redline
top
iclarinyerac.xyz:80
manellylarii.xyz:80
-
auth_value
b66a08c69f913be894bbfce00805fab1
Targets
-
-
Target
cdebae8237136909b5d7a96be8c90a22572eba86aafb7f64b133505cb5a2c94e
-
Size
347KB
-
MD5
7384c435a7e02e144d94dbcc8316bbbf
-
SHA1
6d94240fc9f90d6e08188e50eb501c13516a0c10
-
SHA256
cdebae8237136909b5d7a96be8c90a22572eba86aafb7f64b133505cb5a2c94e
-
SHA512
8b78f08049bb09411aaa1937c7f9ad27334306eae57955a7bdb4be2ec797232ee0dbe0627efcfdf2d1c568260f73e4f22878e514e550eb2d0fccf615a9e22142
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-