General
-
Target
b6210398e637f79868c242800361fed363102029961366d6a761929d00d8c1ef
-
Size
385KB
-
Sample
220523-ctv27sbed6
-
MD5
0145fe6067124b6841fdfeb9c087587f
-
SHA1
a8856d12abcbf989e48536e6255be74298f89213
-
SHA256
b6210398e637f79868c242800361fed363102029961366d6a761929d00d8c1ef
-
SHA512
d9b405ce3ac7ad0f03fc914dc74b16973c1e8b0a468e6dbc8b34299fcfef9a50636e33ad31288bf926116acd6fed3ce2b754eb09d30810655bf97f2a88bc5ba0
Malware Config
Extracted
redline
meta1
193.106.191.182:23196
-
auth_value
9a16ce2cecb89012977449117f5e8d58
Targets
-
-
Target
b6210398e637f79868c242800361fed363102029961366d6a761929d00d8c1ef
-
Size
385KB
-
MD5
0145fe6067124b6841fdfeb9c087587f
-
SHA1
a8856d12abcbf989e48536e6255be74298f89213
-
SHA256
b6210398e637f79868c242800361fed363102029961366d6a761929d00d8c1ef
-
SHA512
d9b405ce3ac7ad0f03fc914dc74b16973c1e8b0a468e6dbc8b34299fcfef9a50636e33ad31288bf926116acd6fed3ce2b754eb09d30810655bf97f2a88bc5ba0
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-