General
-
Target
ab43cc3ab1c115e36cf9d18f97acfaf7b0530426f214943f89a6c462588219a0
-
Size
388KB
-
Sample
220519-erdfgsdgdj
-
MD5
a915c9148991d639a30c5aad13ef1719
-
SHA1
8de359a6a2daa3a66232829eaf1b50bde91bd394
-
SHA256
ab43cc3ab1c115e36cf9d18f97acfaf7b0530426f214943f89a6c462588219a0
-
SHA512
05a43e7e2aad19d23dc6f50f7d33d62ea3bd14fdafdd8bc869dd4c5afa0e16430d0186d6411c6957be7b75fa8bcedcebff09f62ec57fbc386820d7dda7e8a357
Malware Config
Extracted
redline
test1
185.215.113.75:80
-
auth_value
7ab4a4e2eae9eb7ae10f64f68df53bb3
Targets
-
-
Target
ab43cc3ab1c115e36cf9d18f97acfaf7b0530426f214943f89a6c462588219a0
-
Size
388KB
-
MD5
a915c9148991d639a30c5aad13ef1719
-
SHA1
8de359a6a2daa3a66232829eaf1b50bde91bd394
-
SHA256
ab43cc3ab1c115e36cf9d18f97acfaf7b0530426f214943f89a6c462588219a0
-
SHA512
05a43e7e2aad19d23dc6f50f7d33d62ea3bd14fdafdd8bc869dd4c5afa0e16430d0186d6411c6957be7b75fa8bcedcebff09f62ec57fbc386820d7dda7e8a357
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-