General
-
Target
d31a4bae5545c9124870580a4f3bd56265761d09b655effe12a0eaca44913ea4
-
Size
407KB
-
Sample
220522-jbm27scdgr
-
MD5
0ca35c22351c3620188ed9df24fbd492
-
SHA1
ae12d44e1d7ac71fe4a01ec3c0b42a47211a5c9e
-
SHA256
d31a4bae5545c9124870580a4f3bd56265761d09b655effe12a0eaca44913ea4
-
SHA512
d5d54f09aaf842f1351257a3abd2bf1296c646be649d4fd2d0147c1e7c7feaedd643861660ada918847f52f1d189eb25060a4de4bf40692f28192e41b2be4320
Malware Config
Extracted
redline
meta1
193.106.191.182:23196
-
auth_value
9a16ce2cecb89012977449117f5e8d58
Targets
-
-
Target
d31a4bae5545c9124870580a4f3bd56265761d09b655effe12a0eaca44913ea4
-
Size
407KB
-
MD5
0ca35c22351c3620188ed9df24fbd492
-
SHA1
ae12d44e1d7ac71fe4a01ec3c0b42a47211a5c9e
-
SHA256
d31a4bae5545c9124870580a4f3bd56265761d09b655effe12a0eaca44913ea4
-
SHA512
d5d54f09aaf842f1351257a3abd2bf1296c646be649d4fd2d0147c1e7c7feaedd643861660ada918847f52f1d189eb25060a4de4bf40692f28192e41b2be4320
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-