General
-
Target
754bcfeeb6fa90968f9c545f6c422983cefa2eb86a6224b5165b21e5d6bd965d
-
Size
378KB
-
Sample
220519-24lc7acgf6
-
MD5
1fe8d81158ceb6fd4eda4d48ad55507d
-
SHA1
d817b95923c5550f1f547dab38d6817bf4b23387
-
SHA256
754bcfeeb6fa90968f9c545f6c422983cefa2eb86a6224b5165b21e5d6bd965d
-
SHA512
f67d4967d2d4568cc1035a310109dcefa7bcd789dc245cfc35c65d8bac3b42e95cd3cc49b807476c3459df92e84da7a823a8de19131b417d264f0c99557fae58
Malware Config
Extracted
redline
test1
185.215.113.75:80
-
auth_value
7ab4a4e2eae9eb7ae10f64f68df53bb3
Targets
-
-
Target
754bcfeeb6fa90968f9c545f6c422983cefa2eb86a6224b5165b21e5d6bd965d
-
Size
378KB
-
MD5
1fe8d81158ceb6fd4eda4d48ad55507d
-
SHA1
d817b95923c5550f1f547dab38d6817bf4b23387
-
SHA256
754bcfeeb6fa90968f9c545f6c422983cefa2eb86a6224b5165b21e5d6bd965d
-
SHA512
f67d4967d2d4568cc1035a310109dcefa7bcd789dc245cfc35c65d8bac3b42e95cd3cc49b807476c3459df92e84da7a823a8de19131b417d264f0c99557fae58
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-