General
-
Target
a732e0396309825328bb5ece2291209ab9355be4e68839482e068337442d3bf5
-
Size
385KB
-
Sample
220523-myj6lsgcck
-
MD5
8bc8250681d85a47c7162d35f7722554
-
SHA1
fbd3a14b23c431e9ec331d53cc3fd8da40ba0685
-
SHA256
a732e0396309825328bb5ece2291209ab9355be4e68839482e068337442d3bf5
-
SHA512
a3dc17b64576aeca88b516a38f55b4dc452338bdaff53a8642320e3c4e889f00a14f3d0cc6f99f6d2185361d14364e15fe6fd3e1138fc616f9c39d61d46ee0a9
Malware Config
Extracted
redline
meta1
193.106.191.182:23196
-
auth_value
9a16ce2cecb89012977449117f5e8d58
Targets
-
-
Target
a732e0396309825328bb5ece2291209ab9355be4e68839482e068337442d3bf5
-
Size
385KB
-
MD5
8bc8250681d85a47c7162d35f7722554
-
SHA1
fbd3a14b23c431e9ec331d53cc3fd8da40ba0685
-
SHA256
a732e0396309825328bb5ece2291209ab9355be4e68839482e068337442d3bf5
-
SHA512
a3dc17b64576aeca88b516a38f55b4dc452338bdaff53a8642320e3c4e889f00a14f3d0cc6f99f6d2185361d14364e15fe6fd3e1138fc616f9c39d61d46ee0a9
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-