General
-
Target
6e85a1535c9ce115199a7da32b0ba2f14a5e1d7d9df9bc606b091cc72407749e
-
Size
384KB
-
Sample
220520-wfyqqaebdp
-
MD5
8541ac7cf0202ddc53e9046d8f0c44f5
-
SHA1
4b814437cd710c67998bbf2d26c226f7de167423
-
SHA256
6e85a1535c9ce115199a7da32b0ba2f14a5e1d7d9df9bc606b091cc72407749e
-
SHA512
14fafa794bcd1c4bfa7e25b0f418165711fb74dc8cb6d5bf2dc5dc4541d154d7d0fda2dfa81ac4c2c8642b5cd58f7dc554754a15ab41749b91734e1ea59e0ab1
Malware Config
Extracted
redline
test1
185.215.113.75:80
-
auth_value
7ab4a4e2eae9eb7ae10f64f68df53bb3
Targets
-
-
Target
6e85a1535c9ce115199a7da32b0ba2f14a5e1d7d9df9bc606b091cc72407749e
-
Size
384KB
-
MD5
8541ac7cf0202ddc53e9046d8f0c44f5
-
SHA1
4b814437cd710c67998bbf2d26c226f7de167423
-
SHA256
6e85a1535c9ce115199a7da32b0ba2f14a5e1d7d9df9bc606b091cc72407749e
-
SHA512
14fafa794bcd1c4bfa7e25b0f418165711fb74dc8cb6d5bf2dc5dc4541d154d7d0fda2dfa81ac4c2c8642b5cd58f7dc554754a15ab41749b91734e1ea59e0ab1
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-