General
-
Target
279c2217699d4ffdf5468eb2a78f22f79ae3b60282ad2de108138d1e1d517b2c
-
Size
378KB
-
Sample
220520-at1xcaddh6
-
MD5
eb576df992a3e3a2282f51d4d877f998
-
SHA1
c338b5879b22523e707bfd69cfd47aa2429643f0
-
SHA256
279c2217699d4ffdf5468eb2a78f22f79ae3b60282ad2de108138d1e1d517b2c
-
SHA512
a84407de4cadfa89d190890eaee5520b482ce237ba17a4bf2772822525b97fcec5e38906a974ce7301a57b52d6bf471b13030d1bbfe0f46b08d2317d0854caa2
Malware Config
Extracted
redline
test1
185.215.113.75:80
-
auth_value
7ab4a4e2eae9eb7ae10f64f68df53bb3
Targets
-
-
Target
279c2217699d4ffdf5468eb2a78f22f79ae3b60282ad2de108138d1e1d517b2c
-
Size
378KB
-
MD5
eb576df992a3e3a2282f51d4d877f998
-
SHA1
c338b5879b22523e707bfd69cfd47aa2429643f0
-
SHA256
279c2217699d4ffdf5468eb2a78f22f79ae3b60282ad2de108138d1e1d517b2c
-
SHA512
a84407de4cadfa89d190890eaee5520b482ce237ba17a4bf2772822525b97fcec5e38906a974ce7301a57b52d6bf471b13030d1bbfe0f46b08d2317d0854caa2
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-