General
-
Target
fd706cf54620130bda3f97d4da36352b965918605551e4efb144038a1b665d36
-
Size
407KB
-
Sample
220522-djm5aaabhk
-
MD5
75eb79d080444b535bd1b14594928809
-
SHA1
0b3b2389cf24856c17d4f672a744a85ad542b207
-
SHA256
fd706cf54620130bda3f97d4da36352b965918605551e4efb144038a1b665d36
-
SHA512
ef86778b6eac015a4b06b0632e7b281ad68f563dc4deabd207199c79db0e1835974b5e1f94071e174cf83a43fe2654a9aa761e3bcee1009006939a22136e69aa
Malware Config
Extracted
redline
meta1
193.106.191.182:23196
-
auth_value
9a16ce2cecb89012977449117f5e8d58
Targets
-
-
Target
fd706cf54620130bda3f97d4da36352b965918605551e4efb144038a1b665d36
-
Size
407KB
-
MD5
75eb79d080444b535bd1b14594928809
-
SHA1
0b3b2389cf24856c17d4f672a744a85ad542b207
-
SHA256
fd706cf54620130bda3f97d4da36352b965918605551e4efb144038a1b665d36
-
SHA512
ef86778b6eac015a4b06b0632e7b281ad68f563dc4deabd207199c79db0e1835974b5e1f94071e174cf83a43fe2654a9aa761e3bcee1009006939a22136e69aa
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-