General
-
Target
b83fd52056dc4354b56c8c3b22f8918c99991d5029db5ae55d66b82963fc1ed5
-
Size
255KB
-
Sample
220520-wcpcwaeadr
-
MD5
bfd08141f98a384b62fb9fed264347f8
-
SHA1
0313ebcc87f31625e9b7fcf09ff0d8dab8ce9978
-
SHA256
7fc3d5638eb8da165c55525581f0f54ab35438db2f890aca2d5517c7641ab212
-
SHA512
8bf9fc50935c5b959ffc01773a9c9b54f7e9f87c449fd73f87165cc769fc6ea23a9a93411241bf6e380ce77869f31c812dda827427dfff9a7ef9a59deaed4673
Malware Config
Extracted
redline
test1
185.215.113.75:80
-
auth_value
7ab4a4e2eae9eb7ae10f64f68df53bb3
Targets
-
-
Target
b83fd52056dc4354b56c8c3b22f8918c99991d5029db5ae55d66b82963fc1ed5
-
Size
384KB
-
MD5
138b3fe6de98eabb5f0f2cac7cd9bae2
-
SHA1
040625bdf94d8faf02c182fd509478a34821cca9
-
SHA256
b83fd52056dc4354b56c8c3b22f8918c99991d5029db5ae55d66b82963fc1ed5
-
SHA512
1f7cd1a2990602b4dc25bacab8622ebc6895c43f78f80a9522e529618330c47a1641bb17c0dd526f673017e5e55be2369b558753df83d71e0315110bc1f7f71b
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-