General
-
Target
0x00060000000231dc-146.dat
-
Size
87KB
-
Sample
220517-s22gyseba8
-
MD5
bf1406a6f5265ca408293dfdafb30c21
-
SHA1
dfcf1e53d1fd90a69c05d721a429a8b62acacb52
-
SHA256
6f2695bed1b797b47dc121b8470b81b73a1e2af2e282eb8efdb40ca8d45d89a0
-
SHA512
aaa098d03ffcaf321bd1c060575acd8b13839316542bab75ffc1b901ad27ada2f1a43e59382705e4b507a4ff69e6c1557c59d462aa33077c763162f2b723d7db
Malware Config
Extracted
redline
Paladin
193.150.103.38:40169
-
auth_value
27544084559b144244d7ad7299642a4c
Targets
-
-
Target
0x00060000000231dc-146.dat
-
Size
87KB
-
MD5
bf1406a6f5265ca408293dfdafb30c21
-
SHA1
dfcf1e53d1fd90a69c05d721a429a8b62acacb52
-
SHA256
6f2695bed1b797b47dc121b8470b81b73a1e2af2e282eb8efdb40ca8d45d89a0
-
SHA512
aaa098d03ffcaf321bd1c060575acd8b13839316542bab75ffc1b901ad27ada2f1a43e59382705e4b507a4ff69e6c1557c59d462aa33077c763162f2b723d7db
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-